Re: ipfw natd rules not loading on startup

2010-05-15 Thread Polytropon 
Just a sidenote:

On Sat, 15 May 2010 02:33:10 +0200, umage theultram...@gmail.com wrote:
 However, if I
 run the script manually, or call it from the end of /etc/rc, it will add
 these rules as well. Currently I am using a workaround.

It's not a good idea to modify /etc/rc. In your case, using the
mechanism s of /etc/rc(.shutdown).local is a good way to call
scripts that do not fit the rc.d concept. See man rc.local
for details.

So I would suggest something for /etc/rc.local like this:



#!/bin/sh

if [ -z ${source_rc_confs_defined} ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
source_rc_confs
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
elif [ -r /etc/rc.conf.local ]; then
. /etc/rc.conf.local
fi
fi

echo -n  custom-firewall
/your/firewall/script.sh --here



The final dot + newline in the messages will be added by rc,
if I remember correctly.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

ipfw natd rules not loading on startup

2010-05-14 Thread umage 
I performed a kernel+world update of my freebsd router, RELENG_8 branch,
apparently from the version 6 months ago to current. I use ipfw and a
shell script that gets loaded at startup. I noticed after rebooting that
ipfw did not load two rules, both of type divert natd. However, if I
run the script manually, or call it from the end of /etc/rc, it will add
these rules as well. Currently I am using a workaround.

I could not find any mention of warnings or errors in the logs. I
couldn't find any way of making ipfw log errors. I tried piping my
script's output to a file, but it did not say anything useful. Noone I
asked knew what to do. I noticed that there has been a revamp of ipfw
and its supporting scripts recently, so it's possible something broke
along the way (for example, a missing rc dependency on natd?).

Advice would be appreciated.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: ipfw natd rules not loading on startup

2010-05-14 Thread Jonathan Chen 
On Sat, May 15, 2010 at 02:33:10AM +0200, umage wrote:
 I performed a kernel+world update of my freebsd router, RELENG_8 branch,
 apparently from the version 6 months ago to current. I use ipfw and a
 shell script that gets loaded at startup. I noticed after rebooting that
 ipfw did not load two rules, both of type divert natd. However, if I
 run the script manually, or call it from the end of /etc/rc, it will add
 these rules as well. Currently I am using a workaround.

Best to ask -STABLE. There's been some breakage of ipfw since end of
April. I'm unsure as to whether they've all be resolved yet.

Cheers.
-- 
Jonathan Chen  |  To do is to be  -- Nietzsche
j...@chen.org.nz |  To be is to do  -- Sartre 
   |  Scooby do be do -- Scooby
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org