Date: Wed, 29 Jun 2005 14:34:42 +1000 From: Norberto Meijome <freebsd@meijome.net> To: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org> Subject: Re: Shell script help Message-ID: <42C224E2.1070003@meijome.net> In-Reply-To: <42C21862.6010700@daleco.biz> References: <MIEPLLIBMLEEABPDBIEGCEOCHHAA.fbsd_user@a1poweruser.com> <1120015025.659.12.camel@chaucer> <42C21862.6010700@daleco.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
Kevin Kinsey wrote:
>
> =================
>
> # Rule number variable
> RuleNum=100
>
> #################################
> # this function increments $RulNum var by 100... #
> #################################
>
> inc () {
> RuleNum=$(expr $1 "+" 100)
> }
>
>
> ##################
> # LET'S GET STARTED #
> ##################
>
> # flush the ruleset ...
> /sbin/ipfw -q flush
>
> # set up the loopback ...
> $FW $RuleNum allow ip from any to any via $loopback
> inc $RuleNum
>
> # deny localhost traffic on other interfaces
> $FW $RuleNum deny ip from 127.0.0.0/8 to any
> inc $RuleNum
> $FW $RuleNum deny ip from any to 127.0.0.0/8
> inc $RuleNum
>
> ==================
nice use...but what's the point ? ipfw assigns rule #s automatically.
I agree that you may want to hardcode your rule #s (0-100 for localhost,
200 - 5000 for LAN, etc) but using your inc() process defeats the
purpose of this.
just my $0.02
Beto
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42C224E2.1070003>