Date: Tue, 14 Sep 1999 15:43:35 -0400 (EDT) From: John Baldwin <jobaldwi@vt.edu> To: Greg Quinlan <Greg.Quinlan@swlct.sthames.nhs.uk> Cc: FreeBSD-stable@freebsd.org Subject: Re: New rc.conf entry question. Message-ID: <0FI200492ET16P@gkar.cc.vt.edu> In-Reply-To: <00b401befec9$2ab773e0$5214010a@swlct.sthames.nhs.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 14-Sep-99 Greg Quinlan wrote:
> I am just talking about changing the location of the firewall
> configuration
> file (rc.firewall), not "sucking it" in.
<much stuff snipped>
Go look at the existing /etc/rc.firewall. It already does this! :)
If you specify a firewall type that is not one of client, server, etc.,
it assumes the type is a file of ipfw commands that should be passed to
ipfw. Look at the bottom of the rc.firewall, specifically:
----8<----
elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
$fwcmd ${firewall_type}
fi
----8<----
For instance, I put all of my ipfw commands on my router in
/etc/rc.firewall.local and have the following in /etc/rc.conf:
----8<----
firewall_enable="YES"
firewall_type="/etc/rc.firewall.local"
firewall_quiet="NO"
----8<----
---
John Baldwin <jobaldwi@vt.edu> -- http://www.cslab.vt.edu/~jobaldwi/
PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0FI200492ET16P>