Date: Wed, 29 May 2002 10:46:00 -0600 From: Ian <freebsd@damnhippie.dyndns.org> To: freebsd-stable <freebsd-stable@freebsd.org> Subject: Re: Server won't boot after recompile the kernel with ipfw support Message-ID: <B91A61E7.D64D%freebsd@damnhippie.dyndns.org> In-Reply-To: <3CF48FB4.E82525FE@alogis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/29/02 02:22, Holger Kipp wrote: > Matthew Dillon wrote: >> >> : >> :Thanks for your info. I will ask the person who near with the server to >> :issue that command from the console then. BTW how can I keep the >> :firewall rules to be permanent on FreeBSD ? Put it on rc.firewall, or >> :create another script that runs everytime the server gets rebooted ? >> : >> :Thanks >> >> If you have a relatively recent version of FreeBSD you can do a >> 'man firewall' and it will give you a whole lot of very good >> information. Basically though in /etc/rc.conf you do: >> >> firewall_enable="YES" >> firewall_type="/etc/ipfw.conf" >> >> And then put the firewall rules in /etc/rc.firewall. > > To point out the obvious: put the firewall rules in "/etc/ipfw.conf", > if firewall_type contains a filename. If firewall_type is the name > of a configuration, edit rc.firewall. > > Regards, > Holger Waaaa. Don't edit rc.firewall, or /etc/defaults/rc.conf as was suggested earlier in this thread. Doing so just smears your local configuration into non-standard places and makes future upgrades harder on you. Have a look at /etc/rc.firewall and see if one of the standard named configurations it supports is right for you. If so, set it in firewall_type in rc.conf. Otherwise use firewall_type="/etc/ipfw.conf" and put your own ruleset into that file (which won't get clobbered on upgrades). -- Ian To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B91A61E7.D64D%freebsd>