Date: Tue, 23 Oct 2001 19:45:11 +0200 From: Gerhard Sittig <Gerhard.Sittig@gmx.net> To: Darren Reed <darrenr@FreeBSD.ORG> Cc: cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.network Message-ID: <20011023194511.D97313@shell.gsinet.sittig.org> In-Reply-To: <20011023145506.C20345@hades.hell.gr>; from charon@labs.gr on Tue, Oct 23, 2001 at 02:55:06PM %2B0300 References: <20011023012512.A1596@hades.hell.gr> <58940.1003834403@axl.seasidesoftware.co.za> <20011023145506.C20345@hades.hell.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 23, 2001 at 14:55 +0300, Giorgos Keramidas wrote:
> On Tue, Oct 23, 2001 at 12:53:23PM +0200, Sheldon Hearn wrote:
> > On Tue, 23 Oct 2001 01:25:12 +0300, Giorgos Keramidas wrote:
> > > With ipfilter_program set to "/sbin/ipf -Fa -f" (as rc.conf(5) says)
> > > in /etc/defaults/rc.conf, this change breaks rc.network in the part
> > > that calls `ipf -y'. The code calls:
> >
> > foo_program should never include flags.
>
> Yes, that's what I think too, but I'd hate to step on Darren's toes,
> if he has these set like that for a purpose.
I get the feeling this - inappropriate - setting of a _program
variable is due to my misguided suggestion in PR conf/20202
which verbatimly made it into the FreeBSD start scripts. If it
doesn't fit the usual rules feel free to correct it! :) After
all I was a newbee to FreeBSD then (and still I'm not a guru or
seasoned hacker:) as well as I understand Darren to do his
daytime job with SunOS / Solaris and since he might need some
hints on how his software fits even better into FreeBSD. I guess
he will happily accept patches improving a wrong approach.
Maybe there's need for the following parts:
- ipfilter_program
- ipfilter_prerules_flags
- ipfilter_rules
- ipfilter_postrules_flags
? The current situation comes from the fact that I wanted to
have a single variable with the rules file only - to check for
its existance (if such an additional constraints check matters).
> After I posted my diff,
> I saw Arjan de Vet had posted a patch that makes ipfilter_program work
> with a value of "/sbin/ipf". Let's go for Arjan's changes instead.
If there's already a correcting / much improving patch maybe it
should be in the PR database? Darren Reed apparently works on
FreeBSD tasks in bursts and might appreciate a PR with its better
record / specific assignment more than a rushing by article
buried in the high volume of a mailing list ...
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011023194511.D97313>