Date: Fri, 16 Oct 1998 19:26:26 -0600 From: Greg Skafte <skafte@worldgate.com> To: freebsd-hackers@FreeBSD.ORG Subject: Re: couple of quick patches Message-ID: <19981016192626.D1571@worldgate.com> In-Reply-To: <19981016190330.C1571@worldgate.com>; from Greg Skafte on Fri, Oct 16, 1998 at 07:03:30PM -0600 References: <19981016190330.C1571@worldgate.com>
next in thread | previous in thread | raw e-mail | index | archive | help
dohh ... sorry patch 2 is for rc.firewall when you specify a filename
in rc.conf sorry ....
Quoting Greg Skafte (skafte@worldgate.com)
On Subject: couple of quick patches
Date: Fri, Oct 16, 1998 at 07:03:30PM -0600
> Attached are 2 patches that I've done a send-pr on
>
> patch 1
>
> added a changer definition for the HP SureStore 24x6 dds3 drive
>
> patch 2
>
> fixes a small problem in rc.conf.
> In rc.conf if you specify firewall="filename" the firewall does not load
>
> --
> Email: skafte@worldgate.com Voice: +403 413 1910 Fax: +403 421 4929
> #575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1
> -- --
> When things can't get any worse, they simplify themselves by getting a whole
> lot worse then complicated. A complete and utter disaster is the simplest
> thing in the world; it's preventing one that's complex. (Janet Morris)
Content-Description: patch for surestore 24x6 dds3 tape changer
> --- scsiconf.c 1998/10/16 20:34:15 1.1
> +++ scsiconf.c 1998/10/16 20:35:53
> @@ -357,6 +357,10 @@
> T_CHANGER, T_CHANGER, T_REMOV, "SONY", "TSL-7000", "*",
> "ch", SC_MORE_LUS
> },
> + {
> + T_SEQUENTIAL, T_CHANGER, T_REMOV, "HP", "C1557A", "*",
> + "ch", SC_MORE_LUS,
> + },
> #endif /* NCH */
> #if NCD > 0
> #ifndef UKTEST /* make cdroms unrecognised to test the uk driver */
Content-Description: fix rc.firewall to accept and execute filename
> --- /usr/src/etc/rc.firewall Wed Sep 16 22:24:21 1998
> +++ /etc/rc.firewall Thu Jul 2 14:27:09 1998
> @@ -1,10 +1,6 @@
> ############
> # Setup system for firewall service.
> -# $Id: rc.firewall,v 1.6.2.9 1998/06/27 21:23:19 steve Exp $
> -
> -if [ -f /etc/rc.conf ]; then
> - . /etc/rc.conf
> -fi
> +# $Id: rc.firewall,v 1.6.2.5 1997/10/21 00:20:35 jkh Exp $
>
> ############
> # Define the firewall type in /etc/rc.conf. Valid values are:
> @@ -58,14 +54,6 @@
> $fwcmd -f flush
>
> ############
> -# These rules are required for using natd. All packets are passed to natd before
> -# they encounter your remaining rules. The firewall rules will then be run again
> -# on each packet after translation by natd, minus any divert rules (see natd(8)).
> -if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
> - $fwcmd add divert natd all from any to any via ${natd_interface}
> -fi
> -
> -############
> # If you just configured ipfw in the kernel as a tool to solve network
> # problems or you just want to disallow some particular kinds of traffic
> # they you will want to change the default policy to open. You can also
> @@ -75,8 +63,8 @@
>
> ############
> # Only in rare cases do you want to change these rules
> -$fwcmd add 100 pass all from any to any via lo0
> -$fwcmd add 200 deny all from any to 127.0.0.0/8
> +$fwcmd add 1000 pass all from any to any via lo0
> +$fwcmd add 1010 deny all from 127.0.0.0/8 to 127.0.0.0/8
>
>
> # Prototype setups.
> @@ -148,11 +136,8 @@
>
> # Stop RFC1918 nets on the outside interface
> $fwcmd add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
> - $fwcmd add deny all from any to 192.168.0.0:255.255.0.0 via ${oif}
> $fwcmd add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
> - $fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif}
> $fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
> - $fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif}
>
> # Allow TCP through if setup succeeded
> $fwcmd add pass tcp from any to any established
> @@ -183,5 +168,5 @@
> # Everything else is denied as default.
>
> elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
> - $fwcmd ${firewall_type}
> + . ${firewall_type}
> fi
--
Email: skafte@worldgate.com Voice: +403 413 1910 Fax: +403 421 4929
#575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1
-- --
When things can't get any worse, they simplify themselves by getting a whole
lot worse then complicated. A complete and utter disaster is the simplest
thing in the world; it's preventing one that's complex. (Janet Morris)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981016192626.D1571>