Re: conf/78762: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script not read it

2007-06-18 Thread Sean McNeil 
The following reply was made to PR conf/78762; it has been noted by GNATS.

From: Sean McNeil [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Cc:  
Subject: Re: conf/78762: [ipfw] [patch] /etc/rc.d/ipfw should excecute
$firewall_script not read it
Date: Mon, 18 Jun 2007 17:05:45 -0700

 This is a bad idea and has broken the new feature of rcNG allowing us to
 place options into /etc/rc.conf.d/ipfw and /etc/rc.conf.d/ip6fw.  The
 commit to src/etc/rc.d/ipfw revision 1.15 and src/etc/rc.d/ip6fw 1.9
 have now broken this basic concept.
 
 IMHO, the correct thing is: Don't use exit in your firewall script.  I
 offer 3 solutions, however, below.
 
 What has been broken:
 
 /etc/rc.conf.d/ipfw
firewall_enable=YES
firewall_type=/etc/fw/rc.firewall.rules
 
 /etc/rc.conf.d/ip6fw
ipv6_firewall_enable=YES
ipv6_firewall_type=/etc/fw/rc.firewall6.rules
 
 Now, this no longer works and I must once again pollute and move more
 stuff back into /etc/rc.conf.  Namely,
 
firewall_type=/etc/fw/rc.firewall.rules
ipv6_firewall_type=/etc/fw/rc.firewall6.rules
 
 must now be in /etc/rc.conf or /etc/rc.conf.local.
 
 Solution:
 
 1) revert to sourcing the rc.firewall script.
 2) Fix rc.firewall and rc.firewall6 to somehow get stuff
 from /etc/rc.conf.d as it should (as ipfw and ip6fw?).
 3) completely remove rc.conf.d support as more things fail to work with
 it.
 
 
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: conf/78762: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script not read it

2007-04-02 Thread Mike Makonnen 
Synopsis: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script not 
read it

State-Changed-From-To: open-patched
State-Changed-By: mtm
State-Changed-When: Mon Apr 2 15:40:10 UTC 2007
State-Changed-Why: 
Patched in -CURRENT.
MFC-After: 2 weeks

http://www.freebsd.org/cgi/query-pr.cgi?pr=78762
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: conf/78762: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script not read it

2007-04-02 Thread AT Matik 
On Monday 02 April 2007 12:40, Mike Makonnen wrote:
 Synopsis: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script
 not read it

 State-Changed-From-To: open-patched
 State-Changed-By: mtm
 State-Changed-When: Mon Apr 2 15:40:10 UTC 2007
 State-Changed-Why:
 Patched in -CURRENT.
 MFC-After: 2 weeks

 http://www.freebsd.org/cgi/query-pr.cgi?pr=78762


btw, is this

 ${SYSCTL_W} net.inet.ip.fw.enable=1

which comes after loading firewall_script in /etc/rc.d/ipfw is beeing 
corrected also? Probably better setting this in ipfw_precmd ()


João







A mensagem foi scaneada pelo sistema de e-mail e pode ser considerada segura.
Service fornecido pelo Datacenter Matik  https://datacenter.matik.com.br
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: conf/78762: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script not read it

2005-10-23 Thread Mark Linimon 
Old Synopsis: [patch] /etc/rc.d/ipfw should excecute $firewall_script not read 
it
New Synopsis: [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewall_script 
not read it

Responsible-Changed-From-To: freebsd-bugs-freebsd-ipfw
Responsible-Changed-By: linimon
Responsible-Changed-When: Mon Oct 24 05:10:01 GMT 2005
Responsible-Changed-Why: 
Over to mailing list for review.

http://www.freebsd.org/cgi/query-pr.cgi?pr=78762
___
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to [EMAIL PROTECTED]