Date: Fri, 3 Aug 2007 14:51:08 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: "Tuc at T-B-O-H.NET" <ml@t-b-o-h.net> Cc: freebsd-questions@freebsd.org Subject: Re: Firewall rules / Proper directory Message-ID: <20070803115108.GA2202@kobe.laptop> In-Reply-To: <200708021849.l72IngJF075942@himinbjorg.tucs-beachin-obx-house.com> References: <20070802182120.GA18907@kobe.laptop> <200708021849.l72IngJF075942@himinbjorg.tucs-beachin-obx-house.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2007-08-02 14:49, "Tuc at T-B-O-H.NET" <ml@t-b-o-h.net> wrote: >Giorgos Keramidas wrote: >>On 2007-08-02 12:36, "Tuc at T-B-O-H.NET" <ml@t-b-o-h.net> wrote: >>> Hi, >>> I'm developing firewall rules for a machine, and I'm wondering what >>> the standard is for putting my version of an ipfw "firewall_script"? >> >> I usually save my rules in '/etc/pf.conf' or '/etc/ipfw.rules'. >> >> It's not like the '/etc' directory is a "please do not touch" area. > > Thanks... > > I always DO try to keep things out of /etc if at all possible, I > regard that as "system space", and if I do "trespass" into it its > usually a file or directory previously allocated for that > (/etc/rc.conf, /etc/mail/*). That's ok, but it's not like the world is going to end if you add a bit of customization to '/etc' files. We have mergemaster(8) to make sure these local updates and customizations are not lost when you upgrade :-) > I've made a "/etc/rc.firewall.local".... I may rename it in the future > to stand out more, but we'll see how it goes for now. Neat. Have fun with the new firewall ruleset then.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070803115108.GA2202>