From owner-cvs-all Mon Oct 22 16:13:42 2001 Delivered-To: cvs-all@freebsd.org Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by hub.freebsd.org (Postfix) with ESMTP id A389F37B405; Mon, 22 Oct 2001 16:13:31 -0700 (PDT) Received: from hades.hell.gr (patr530-a210.otenet.gr [212.205.215.210]) by mailsrv.otenet.gr (8.11.5/8.11.5) with ESMTP id f9MNDQO05440; Tue, 23 Oct 2001 02:13:27 +0300 (EEST) Received: (from charon@localhost) by hades.hell.gr (8.11.6/8.11.6) id f9MMPDc01779; Tue, 23 Oct 2001 01:25:13 +0300 (EEST) (envelope-from charon@labs.gr) Date: Tue, 23 Oct 2001 01:25:12 +0300 From: Giorgos Keramidas To: Darren Reed Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.network Message-ID: <20011023012512.A1596@hades.hell.gr> References: <200110200446.f9K4kWo53849@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="kvUQC+jR9YzypDnK" Content-Disposition: inline In-Reply-To: <200110200446.f9K4kWo53849@freefall.freebsd.org> User-Agent: Mutt/1.3.22.1i X-X-Sender: charon@hades X-Cursor-Pos: cc 0 Content-ID: <20011023011419.D1583@hades> Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --kvUQC+jR9YzypDnK Content-Type: text/PLAIN; charset=us-ascii Content-Disposition: inline > darrenr 2001/10/19 21:46:32 PDT > > Modified files: > etc rc.network > Log: > Do an ipf -y after bringing up ppp to ensure rules which mention ppp get > matched. Moification on PR to handle ipnat not being dependant on > ipfilter_enable With ipfilter_program set to "/sbin/ipf -Fa -f" (as rc.conf(5) says) in /etc/defaults/rc.conf, this change breaks rc.network in the part that calls `ipf -y'. The code calls: ${ipfilter_program:-/sbin/ipf -y} and ipfilter_program is set to `/sbin/ipf -Fa -f' which results in the command being called without ${ipfilter_rules} after -f. Perhaps you meant to write :+ instead of :- ? Trying to make this work, I've tested on my current box, compiled today, the attached patch. If ipfilter_program is not set, it uses `/sbin/ipf -y' but if it is set to something it strips everything following the first space in ipfilter_program and calls the first `word' with -y option. The other option would be to remove any command-line options from ipfilter_program and move them to ipfilter_flags, but if that is done, the rc.conf.5 needs to be updated too, and it changes the way things were done until now :-/ -giorgos --kvUQC+jR9YzypDnK Content-Type: text/PLAIN; charset=US-ASCII; name="diff.2001.10.23.01.00.ipfilter" Content-Disposition: attachment; filename="diff.2001.10.23.01.00.ipfilter" Content-Transfer-Encoding: base64 SW5kZXg6IHJjLm5ldHdvcmsNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBmaWxlOiAvaG9tZS9uY3Zz L3NyYy9ldGMvcmMubmV0d29yayx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuMTA5DQpkaWZm IC11IC1yMS4xMDkgcmMubmV0d29yaw0KLS0tIHJjLm5ldHdvcmsJMjAgT2N0IDIwMDEgMDQ6 NDY6MzIgLTAwMDAJMS4xMDkNCisrKyByYy5uZXR3b3JrCTIyIE9jdCAyMDAxIDIxOjU3OjM5 IC0wMDAwDQpAQCAtMjc5LDEyICsyNzksMjQgQEANCiAJIw0KIAljYXNlICR7aXBmaWx0ZXJf ZW5hYmxlfSBpbg0KIAlbWXldW0VlXVtTc10pDQotCQkke2lwZmlsdGVyX3Byb2dyYW06LS9z YmluL2lwZiAteX0NCisJCWlmIFsgWCIke2lwZmlsdGVyX3Byb2dyYW19IiA9IFgiIiBdOyB0 aGVuDQorCQkJaXBmaWx0ZXJfcHJvZ3JhbT0iL3NiaW4vaXBmIC15Ig0KKwkJZWxzZQ0KKwkJ CWlwZmlsdGVyX3Byb2dyYW09IiR7aXBmaWx0ZXJfcHJvZ3JhbSUlICp9IC15Ig0KKwkJZmkN CisJCWVjaG8gLW4gIlN5bmNocm9uaXppbmcgaXBmaWx0ZXIgd2l0aCBuZXR3b3JrIGludGVy ZmFjZXM6ICINCisJCSR7aXBmaWx0ZXJfcHJvZ3JhbX0NCiAJCTs7DQogCSopDQogCQljYXNl ICR7aXBuYXRfZW5hYmxlfSBpbg0KIAkJW1l5XVtFZV1bU3NdKQ0KLQkJCSR7aXBmaWx0ZXJf cHJvZ3JhbTotL3NiaW4vaXBmIC15fQ0KKwkJCWlmIFsgWCIke2lwZmlsdGVyX3Byb2dyYW19 IiA9IFgiIiBdOyB0aGVuDQorCQkJCWlwZmlsdGVyX3Byb2dyYW09Ii9zYmluL2lwZiAteSIN CisJCQllbHNlDQorCQkJCWlwZmlsdGVyX3Byb2dyYW09IiR7aXBmaWx0ZXJfcHJvZ3JhbSUl ICp9IC15Ig0KKwkJCWZpDQorCQkJZWNobyAtbiAiU3luY2hyb25pemluZyBpcGZpbHRlciB3 aXRoIG5ldHdvcmsgaW50ZXJmYWNlczogIg0KKwkJCSR7aXBmaWx0ZXJfcHJvZ3JhbX0NCiAJ CQk7Ow0KIAkJZXNhYw0KIAllc2FjDQo= --kvUQC+jR9YzypDnK-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message