From owner-freebsd-security  Fri Oct 13 23: 1:36 2000
Delivered-To: freebsd-security@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id 93FAC37B66D
	for <freebsd-security@freebsd.org>; Fri, 13 Oct 2000 23:01:34 -0700 (PDT)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Fri, 13 Oct 2000 23:00:12 -0700
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id e9E61Sf81281;
	Fri, 13 Oct 2000 23:01:28 -0700 (PDT)
	(envelope-from cjc)
Date: Fri, 13 Oct 2000 23:01:28 -0700
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: Bill Fumerola <billf@chimesnet.com>
Cc: cjclark@alum.mit.edu, Milo Bloom <mbloom@cinci.rr.com>,
	Peter Pentchev <roam@orbitel.bg>, redwards@meccamediagroup.com,
	freebsd-security@FreeBSD.ORG
Subject: Re: Dynamic rc.firewall
Message-ID: <20001013230128.V25121@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <20001013131528.A17444@ringwraith.office1.bg> <5.0.0.25.2.20001013032255.00a8ee40@127.0.0.1> <20001013131528.A17444@ringwraith.office1.bg> <20001013132743.B17444@ringwraith.office1.bg> <3.0.5.32.20001013073440.009093f0@pop-server.cinci.rr.com> <20001013213431.T25121@149.211.6.64.reflexcom.com> <20001014010830.C37870@jade.chc-chimes.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <20001014010830.C37870@jade.chc-chimes.com>; from billf@chimesnet.com on Sat, Oct 14, 2000 at 01:08:30AM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, Oct 14, 2000 at 01:08:30AM -0400, Bill Fumerola wrote:
> On Fri, Oct 13, 2000 at 09:34:31PM -0700, Crist J . Clark wrote:
> 
> > >     # set these to your outside interface network and netmask and ip
> > >     oif="ex0"                # card name
> > >     onet="24.129.15.0"       # whatever your assigned range will be
> > >     omask="255.255.255.0"
> > >     oip="`ifconfig ex0 | grep inet | awk '{ print $2 }'`"
> > > 
> > > Hope this helps. Let me (or the list) know how that works for you.
> > 
> > Wouldn't,
> > 
> >   oip="`ifconfig ex0 | awk /inet / '{ print $2 }'`"
> > 
> > Make a little more sense than the gratuitous fgrep?
> 
> Are /usr/bin/awk or /usr/bin/fgrep even available when rc.firewall gets called?
> 
> Note my stress on calling them by their full path..

Yes, since the line in my old rc.firewall was literally,

  oip=`/sbin/ifconfig ${natd_interface} | /usr/bin/awk '/inet / { print $2 }'`

-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message