Date:      Thu, 20 Aug 1998 17:47:40 +0200 (CEST)
From:      Malte Lance <malte.lance@gmx.net>
To:        wwoods@cybcon.com
Cc:        FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Firewall
Message-ID:  <13788.17366.774415.752972@neuron.webmore.de>
In-Reply-To: <XFMail.980820055314.wwoods@cybcon.com>
References:  <XFMail.980820055314.wwoods@cybcon.com>

William Woods writes:
 > I have a script that every day does a ipfw list > /home/william/ipfwlist to
 > save my firewall settings in case I need to reboot. Now what I would like to do
 > is when I boot have those rules loaded automatically.
 > 
 > This is the settings in use in my rc.firewall file: 
 > 
 > if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then   
 > 
 > $fwcmd add 65000 pass all from any to any
 > $fwcmd add 63000 deny log icmp from any to 205.147.76.99 icmptype 8
 > $fwcmd add 62099 allow icmp from 205.147.76.99 to 205.147.76.99 icmptype 8
 > 
 > 
 > Would it be possible to replace these with something along the lines of
 > 
 > ipfw /home/william/ipfwlist .

Yes.

 > 
 > or can you suggest a better way?

From the beginning of /etc/rc.firewall:

############
# Define the firewall type in /etc/rc.conf.  Valid values are:
#   open     - will allow anyone in
#   client   - will try to protect just this machine
#   simple   - will try to protect a whole network
#   closed   - totally disables IP services except via lo0 interface
#   UNKNOWN  - disables the loading of firewall rules.
#   filename - will load the rules in the given filename (full path required)

So why don't you use the filename-method?
Just specify the path to the firewall-rule-file in /etc/rc.conf.
(This is on my 2.2.6-box.)

Malte.

 > ---------------------
 > William Woods <wwoods@cybcon.com>
 > Date: 20-Aug-98 / Time: 05:45:54 
 > goto to: http//www.freebsd.org. 
 > --> FreeBSD 3.0 CURRENT <--
 > 
 > 
 > To Unsubscribe: send mail to majordomo@FreeBSD.org
 > with "unsubscribe freebsd-questions" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
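
Added example, not part of the original messages: `ipfw list` prints each rule as `number action ...`, while a file loaded through the filename firewall type is read as ipfw commands without the leading `ipfw`, so every saved line needs `add` in front and the built-in rule 65535 has to be left out. The function name, the sample listing and the path `/etc/ipfw.rules` are assumptions made for illustration.

```shell
#!/bin/sh
# Convert saved `ipfw list` output into a ruleset file that the "filename"
# firewall type in /etc/rc.conf can load at boot.
#
# Intended use (hypothetical output path):
#   ipfw list | ipfwlist_to_ruleset > /etc/ipfw.rules
# then set firewall_type to that full path in /etc/rc.conf.

# Read `ipfw list` output on stdin, write loadable "add ..." lines on stdout.
ipfwlist_to_ruleset() {
    # The "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
    while read -r num rest || [ -n "$num" ]; do
        # Skip blank lines and anything not starting with a rule number
        # (for example an error message captured by the daily script).
        case "$num" in
            ''|*[!0-9]*) continue ;;
        esac
        # Rule 65535 is the kernel's built-in default rule. It always shows
        # up in the listing but cannot be added, so it must not be replayed.
        if [ "$num" = "65535" ]; then
            continue
        fi
        printf 'add %s %s\n' "$num" "$rest"
    done
}

# Constructed sample in the shape of `ipfw list` output, using the rules
# quoted in the thread plus the default rule.
sample_list() {
    cat <<'EOF'
62099 allow icmp from 205.147.76.99 to 205.147.76.99 icmptype 8
63000 deny log icmp from any to 205.147.76.99 icmptype 8
65000 allow ip from any to any
65535 deny ip from any to any
EOF
}

# Demonstration on the constructed sample only; nothing here calls ipfw.
sample_list | ipfwlist_to_ruleset
```

Review the converted file before pointing `firewall_type` at it: whatever it contains is what the machine enforces after the next reboot.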


