Date: Sat, 31 Jan 2004 15:35:21 +0100 From: Peder Blom <peder.blom@bredband.net> To: ecrist@adtechintegrated.com Cc: freebsd-questions@freebsd.org Subject: Re: where am I supposed to put my rc.firewall? Message-ID: <20040131153521.1d660315.peder.blom@bredband.net> In-Reply-To: <200401301947.54492.ecrist@adtechintegrated.com> References: <200401301846.52757.ecrist@adtechintegrated.com> <401AFCBB.1010300@mac.com> <200401301947.54492.ecrist@adtechintegrated.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 30 Jan 2004 19:47:47 -0600 Eric F Crist <ecrist@adtechintegrated.com> wrote: > On Friday 30 January 2004 06:54 pm, Chuck Swiger wrote: > > Eric F Crist wrote: > > > I'm trying to add IPFW support. Where do I put my rc.firewall so > > > that it gets read at boot time? I've tried /usr/local/etc/rc.d > > > and /etc but neither seems to get read. > > > > Specify the location of your firewall script in /etc/rc.conf like > > so: > > > > firewall_enable='YES' > > firewall_type='/etc/ERICS_firewall' > > firewall_flags='-p /usr/bin/cpp' > > > > [ You might choose to use some other preprocessor... ] > > Well, here's what I have now. I have a file in /etc called > grog.firewall. It's contents are: > > grog# more grog.firewall > ipfw -f flush > ipfw add 100 pass all from any to any via lo0 > ipfw add 200 deny all from any to 127.0.0.0/8 > ipfw add 300 deny ip from 127.0.0.0/8 to any > ipfw add 600 allow all from any to any > > In my /etc/rc.conf file, I have the following two entries pertaining > to the firewall: > > firewall_enable="YES" > firewall_type="/etc/grog.firewall" Add this to your rc.conf: (instead of firewall_type=...): firewall_script="/etc/grog.firewall" See /etc/defaults/rc.conf !
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040131153521.1d660315.peder.blom>