On 2003-02-18 15:49, Jason Williams <[EMAIL PROTECTED]> wrote:
> I'm using FBSD 4.7 and have compiled ipfw into the kernel. My
> rc.conf file has the following:
>
> firewall_enable="YES"
> firewall_script="/etc/rc.firewall"
> firewall_type="/etc/ipfw.rules"
> firewall_quiet="NO"
> firewall_logging_enable="YES"
> log_in_vain="YES"
> icmp_drop_redirect="YES"
>
> On reboot, ipfw is not reading rc.firewall before loading my rules -
> /etc/ipfw.rules - as I've assumed it would. I thought I could let
> rc.firewall take care of housekeeping ( flush and loopback rules )
> before moving on to the the custom rules in ipfw.rules. Am I missing
> something here or is it normal to bypass rc.firewall altogether and
> set up a rules file with everything needed in there?

When you set firewall_type="/etc/ipfw.rules" in your rc.conf, only the
following commands are run by rc.firewall:

        ipfw -f flush
        ipfw /etc/ipfw.rules

That's all.  If you want the rules to have similar behavior to some of
the rules listed for open/closed/client/simple, you'll have to copy
the appropriate rules from rc.firewall into your /etc/ipfw.rules file.

Giorgos


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to