From owner-freebsd-ipfw@FreeBSD.ORG  Sun Apr 29 05:31:58 2012
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 824A71065670;
	Sun, 29 Apr 2012 05:31:58 +0000 (UTC)
	(envelope-from smithi@nimnet.asn.au)
Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159])
	by mx1.freebsd.org (Postfix) with ESMTP id 033948FC08;
	Sun, 29 Apr 2012 05:31:57 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id q3T5P3Kh022687;
	Sun, 29 Apr 2012 15:25:04 +1000 (EST)
	(envelope-from smithi@nimnet.asn.au)
Date: Sun, 29 Apr 2012 15:25:03 +1000 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Hiroki Sato <hrs@freebsd.org>
In-Reply-To: <20120428.231800.306465812317617923.hrs@allbsd.org>
Message-ID: <20120429150343.H91148@sola.nimnet.asn.au>
References: <20120425.002600.1631867625819249738.hrs@allbsd.org>
	<4F96D11B.2060007@FreeBSD.org>
	<20120425.020518.406495893112283552.hrs@allbsd.org>
	<20120428.231800.306465812317617923.hrs@allbsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Cc: freebsd-ipfw@freebsd.org
Subject: Re: CFR: ipfw0 pseudo-interface clonable
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Apr 2012 05:31:58 -0000

On Sat, 28 Apr 2012 23:18:00 +0900 (JST), Hiroki Sato wrote:

 >  A revised patch is attached.  The lock around log_if should be fixed
 >  and ipfw(8) manual page is updated.  Also, an rc.conf(5) variable
 >  $firewall_logif is added to create ipfw0 interface at boot time (NO
 >  by default).
 > 
 >  Any comments are welcome.  Thank you.

Only wee nits on form, not function ..

+       if checkyesno firewall_logif; then
+               echo 'Firewall logging pseudo-interface (ipfw0) created.'
+               ifconfig ipfw0 create
+       fi

Strictly, the echo should follow ifconfig success - how picky is that!

+++ etc/defaults/rc.conf        (working copy)
[..]
+firewall_logif="NO"            # Set to YES to create logging-pseudo interface

'logging pseudo-interface'

And firewall_logif needs adding to rc.conf(5)?

cheers, Ian