From owner-freebsd-stable Tue Sep 14 7:26:55 1999 Delivered-To: freebsd-stable@freebsd.org Received: from amanda.swlct.sthames.nhs.uk (hide14.nhs.uk [194.6.81.14]) by hub.freebsd.org (Postfix) with ESMTP id AC35414C89; Tue, 14 Sep 1999 07:26:43 -0700 (PDT) (envelope-from Greg.Quinlan@swlct.sthames.nhs.uk) Received: from greg.swlct.sthames.nhs.uk (qmh-00553.qmpgmc.ac.uk [10.1.20.82]) by amanda.swlct.sthames.nhs.uk (8.9.3/8.9.3) with SMTP id PAA07704; Tue, 14 Sep 1999 15:26:57 +0100 (BST) Message-ID: <002601befebe$06cb9840$5214010a@swlct.sthames.nhs.uk> Reply-To: "Greg Quinlan" From: "Greg Quinlan" To: Cc: References: <34518.937315891@axl.noc.iafrica.com> Subject: Re: New rc.conf entry question. Date: Tue, 14 Sep 1999 15:32:51 +0100 Organization: Queen Marys Hospital (SWLCT) MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG ----- Original Message ----- From: Sheldon Hearn > > Some people who have already customized their "/etc/rc.firewall" > > script and will feel confident that it will not be overwritten by and > > upgrade. Those doing a fresh install will not be effected either. :) > > Where does that confidence come from? The upgrade procedure is > documented as something that backs up your /etc/ directory completely > and replaces it. > > That aside, I do think your idea is worthwhile, although implementation > is going to be tricky if you want /etc/defaults/rc.firewall to "suck in" > /etc/rc.firewall. I am just talking about changing the location of the firewall configuration file (rc.firewall), not "sucking it" in. Although that is an interesting idea. (perhaps "simple", "client", "open" ... are **default** and anything else, like "custom", calls /etc/rc.firewall ... Hmmm.... I like it.... I wished I had thought of that!! :) ) If you have a flat / simple / default installation then use the "/etc/default/rc.firewall" file. If you have something-complex / customised / non-default, as most people probably do, use the /etc/rc.firewall file for the firewall configuration. The way I would ***like*** to see it work, is to put: firewall_script="/etc/rc.firewall" firewall_type="custom" into the /etc/rc.conf file IF firewall_enable="YES" exists in the /etc/rc.conf file (during an upgrade process.) The /etc/default/rc.firewall has as the last few lines : case "${firewall_type}" in . . . custom) [ -f /etc/rc.firewall ] && sh /etc/rc.firewall ;; esac Would that be too complex?... rather than trying to work out what configuration file has been over-written that needs restoring from the /usr/tmp/etc directory... I have been caught out once before... then realised that I had not copied back my customised "rc.firewall" file. Simple really :)))) Cheers Greg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message