Re: rc.firewall not executed?

From: BSDC <bsdc_at_xtremedev.com>
Date: Sun, 15 Jun 2003 08:01:16 -0600
On Sun, Jun 15, 2003 at 09:36:23AM -0400, Andre Guibert de Bruet wrote:
> 
> On Sat, 14 Jun 2003, Kris Kennaway wrote:
> 
> > I just noticed that my ipfw rules were not loaded the last time I
> > rebooted.  My rc.conf is included below - has something changed
> > recently so that these settings are not enough?  I didn't see anything
> > relevant in UPDATING.  My /etc/firewall.conf exists and is readable
> > (and unchanged since 2002).
> >
> > Kris
> >
> > ----
> > # $FreeBSD: src/etc/defaults/rc.conf,v 1.156 2002/08/30 13:01:42 hm Exp $
> > hostname="citusc17.usc.edu"     # Set this!
> > nisdomainname="cituscdomain"    # Set to NIS domain if using NIS (or NO).
> > firewall_enable="YES"           # Set to YES to enable firewall functionality
> > firewall_type="/etc/firewall.conf"      # Firewall type (see /etc/rc.firewall)
>                  ^^^^^^^^^^^^^^^^^^
> This is wrong. Set it to "UNKNOWN". There's firewall_script for that.

It is not incorrect. See rc.firewall. By providing a filename for the
firewall_type, rc.firewall will instead load the ipfw rules from the
given filename.

>From rc.firewall:
# Define the firewall type in /etc/rc.conf.  Valid values are:
#   open     - will allow anyone in
#   client   - will try to protect just this machine
#   simple   - will try to protect a whole network
#   closed   - totally disables IP services except via lo0 interface
#   UNKNOWN  - disables the loading of firewall rules.
#   filename - will load the rules in the given filename (full path
#   required)

However, I unfortunately do not have an answer for Kris as to why the
rules aren't loading anymore.
Received on Sun Jun 15 2003 - 05:01:19 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:11 UTC