Date: Thu, 1 Feb 2007 16:04:02 -0500
From: "The Admiral" <xxadmiralxx@gmail.com>
To: freebsd-ipfw@freebsd.org
Subject: rc.firewall script not running at system boot
Message-ID: <66f7e7af0702011304m61385124r5876e0af3d767a55@mail.gmail.com>

We had a power outage last night and I arrived at work today to find that one of our machines no longer has network access (one of the few machines not on a battery backup unit). I checked to see what firewall rules were enabled and the only one that was active was to deny all. It seems as though my rc.firewall script wasn't run automatically when the system booted. I rebooted to double check and sure enough the only rule enabled was the deny all rule.

My rc.conf file has the following:

---------------------------------------------------------------
hostname="dev"
ifconfig_em0="inet 192.168.1.120 netmask 255.255.255.0"
ifconfig_vr0="inet 224.87.34.72 netmask 255.255.255.248" #real IP hidden on purpose
defaultrouter="224.87.34.71"
gateway_enable=YES
firewall_enable="YES" # Set to YES to enable firewall functionality
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
firewall_type="client" # Firewall type (see /etc/rc.firewall)
---------------------------------------------------------------

My kernel configuration file has the following:

---------------------------------------------------------------
options IPFIREWALL # required to use ipfw
options IPFIREWALL_FORWARD
options IPDIVERT # required for natd
options IPFIREWALL_VERBOSE # Enables logging of packets that pass through IPFW and have the 'log' keyword specified in the rule set.
---------------------------------------------------------------

When I run the rc.firewall script directly (sudo /etc/rc.firewall client) all my rulesets are enabled as they should be. However, the rc.firewall file isn't being executed at system boot, which I'd like to resolve, since it means that the machine will be inaccessible if it is rebooted for whatever reason and no one is there to manually execute the firewall script from the console.

The strange thing is, the last time I manually rebooted the machine, the script was executed without a problem. The machine hasn't been rebooted for a while though, and a lot of the software has been updated in the meantime, so I'm thinking that may be the cause, but I'm still unsure how to go about fixing this.

Any help is greatly appreciated, thanks.

Mike