Date:      Thu, 12 Jan 2006 16:28:09 -0500
From:      "fbsd_user" <fbsd_user@a1poweruser.com>
To:        "Greg Barniskis" <nalists@scls.lib.wi.us>, "Martin McCormick" <martin@dc.cis.okstate.edu>
Cc:        freebsd-questions@freebsd.org
Subject:   RE: Strange Failure Mode in FreeBSD 4.11
Message-ID:  <MIEPLLIBMLEEABPDBIEGEEHAHLAA.fbsd_user@a1poweruser.com>
In-Reply-To: <43C6C55E.5000703@scls.lib.wi.us>

The firewall section of the handbook states that the
rc.firewall file is an example.
You really should read the firewall section of the handbook
and use the working examples contained there.

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Greg Barniskis
Sent: Thursday, January 12, 2006 4:09 PM
To: Martin McCormick
Cc: freebsd-questions@freebsd.org
Subject: Re: Strange Failure Mode in FreeBSD 4.11


Martin McCormick wrote:
> In rc.firewall, there is a place where one can include a table of local
> rules and that's where I am doing something wrong.  The place in
> rc.firewall reads:
>
> #   filename - will load the rules in the given filename (full path required)

This section of rc.firewall refers to valid values you can place in
rc.conf for firewall_type. In rc.conf you can name any of the types
defined in rc.firewall /or/ you can specify a file of your own
(instead of rc.firewall). I don't think you can invoke rc.firewall
/and/ another file you name.

Well, OK, surely there is a way to do that, but that functionality
is not the intent of this part of rc.firewall and rc.conf as I
understand it. I'm sure that if you put your custom rules in a shell
file that you can use rc or cron to load those rules at boot time;
you'd just need to be careful with rule numbering, maybe use ipfw
sets for rule ordering, etc.

Maybe easier to just

cp rc.firewall custom.ipfw, edit to your needs and use
firewall_type="/etc/custom.ipfw"


--
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348