Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Oct 2002 00:24:24 +0200
From:      Dimitry Andric <dim@xs4all.nl>
To:        Thomas Quinot <thomas@cuivre.fr.eu.org>
Cc:        Kirk Strauser <kirk@strauser.com>, freebsd-stable@FreeBSD.ORG
Subject:   Re: Still no 'ipf -6' support in the rc scripts?
Message-ID:  <15214492799.20021023002424@xs4all.nl>
In-Reply-To: <20021022212038.GB62611@melusine.cuivre.fr.eu.org>
References:  <87d6q29nrf.fsf@pooh.int> <20021022212038.GB62611@melusine.cuivre.fr.eu.org>

next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2002-10-22 at 23:20:38 Thomas Quinot wrote:

TQ> You can use the following without any patches:
TQ>   ipfilter_flags="-6 -f /etc/ipf.rules6"

This will not work properly, because of the following fragment in
rc.network, which comes later (after initializing gif and ppp
interfaces, among others):

        # Re-Sync ipfilter so it picks up any new network interfaces
        #
        case ${ipfilter_active} in
        [Yy][Ee][Ss])
                ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags} >/dev/null
                ;;
        esac

This will re-use ipfilter-flags, and thus complain about already
existing IPv6 rules. In my setup I've simply removed the
${ipfilter_flags} part, since I don't use any other flags. (The -y
option syncs for both IPv4 and IPv6, if I read the source of ipf
correctly.) But this isn't a good general solution... :-(

Cheers,
- --
Dimitry Andric <dim@xs4all.nl>
PGP Key: http://www.xs4all.nl/~dim/dim.asc
Fingerprint: 7AB462D2CE35FC6D42394FCDB05EA30A2E2096A3
Lbh ner abj va ivbyngvba bs gur QZPN

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/
Comment: http://duncan.gn.apc.org/stoa_cover.htm

iQA/AwUBPbXCDbBeowouIJajEQIi+wCfax7Pp0FhLW8Q2NACfI0qydmIGxkAn1fN
OXOeL76OhKR5faUlIGl7OMMd
=F/60
-----END PGP SIGNATURE-----


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15214492799.20021023002424>