Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 14 Sep 1999 16:52:26 +0100
From:      "Greg Quinlan" <Greg.Quinlan@swlct.sthames.nhs.uk>
To:        <FreeBSD-stable@freebsd.org>
Subject:   Re: New rc.conf entry question. 
Message-ID:  <00b401befec9$2ab773e0$5214010a@swlct.sthames.nhs.uk>
next in thread | raw e-mail | index | archive | help 
----- Original Message -----
From: Sheldon Hearn <sheldonh@uunet.co.za>
> > Some people who have already customized their "/etc/rc.firewall"
> > script and will feel confident that it will not be overwritten by and
> > upgrade. Those doing a fresh install will not be effected either. :)
>
> Where does that confidence come from? The upgrade procedure is
> documented as something that backs up your /etc/ directory completely
> and replaces it.
>
> That aside, I do think your idea is worthwhile, although implementation
> is going to be tricky if you want /etc/defaults/rc.firewall to "suck in"
> /etc/rc.firewall.

I am just talking about changing the location of the firewall configuration
file (rc.firewall), not "sucking it" in.

 Although that is an interesting idea. (perhaps "simple", "client", "open"
... are **default** and anything else, like "custom", calls /etc/rc.firewall
...
Hmmm.... I like it.... I wished I had thought of that!! :) )

If you have a flat / simple / default installation then use the
"/etc/default/rc.firewall" file. If you have something-complex / customised
/ non-default, as most people probably do, use the /etc/rc.firewall file for
the firewall configuration.

The way I would ***like*** to see it work, is to put:
firewall_script="/etc/rc.firewall"
firewall_type="custom"
into the /etc/rc.conf file

IF firewall_enable="YES" exists
in the /etc/rc.conf file (during an upgrade process.)

The /etc/default/rc.firewall has as the last few lines :

case "${firewall_type}" in
.
.
.
custom)
        [ -f /etc/rc.firewall ] && sh /etc/rc.firewall
        ;;
esac

Would that be too complex?... rather than trying to work out what
configuration file has been over-written that needs restoring from the
/usr/tmp/etc directory...

I have been caught out once before... then realised that I had not copied
back my customised "rc.firewall" file.

Simple really :))))

Cheers

Greg




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00b401befec9$2ab773e0$5214010a>