From owner-freebsd-questions Wed Jan 22 6:45:22 2003
Date: Wed, 22 Jan 2003 09:45:09 -0500 (EST)
From: "Stephen D. Kingrea"
To: freebsd-questions@freebsd.org
Subject: questions about static ipfw rules

running 4.7 with firewall, natd enabled kernel. i wish to create firewall
rules outside of the rc.firewall script that remain static across reboots.
to that end, i created a set (rc.firewall.rules), pointing rc.conf to that
set:

    firewall_enable="YES"
    firewall_type="/etc/rc.firewall.rules"
    natd_enable="YES"
    .....etc....

/etc/rc.firewall.rules lines are in the format:

    add 00100 all ip from any to any via lo0
    add 00200 deny ip from any to 127.0.0.0/8
    .......etc.....

is this right? when i boot to these conditions, and ipfw show, i get the set
that appears when i set firewall_type="OPEN"

is this the proper format for rules in a static file?

regards to all!

stephen d. kingrea
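
A rules file handed to ipfw holds one command per line without the leading `ipfw`, and each `add` line is an optional rule number followed by an action keyword. The check below is an added example, not part of the original message: the function name `lint_ipfw_rules`, the `ACTIONS` keyword list and the sample file are assumptions constructed for illustration, and it prints any `add` line whose first word after the number is not an action.

```shell
#!/bin/sh
# Added example: pre-flight lint for an ipfw ruleset file of the kind
# referenced by firewall_type in rc.conf.
# ACTIONS is an assumed list of common ipfw action keywords.
ACTIONS="allow accept pass permit deny drop reject unreach reset count check-state divert tee fwd forward pipe queue skipto"

lint_ipfw_rules() {
    # $1 = path to ruleset file; output: "<line number>: <offending line>"
    awk -v actions="$ACTIONS" '
        BEGIN { n = split(actions, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        $1 != "add"    { next }            # only "add" commands carry an action
        {
            i = 2
            if ($i ~ /^[0-9]+$/) i++       # optional rule number
            if ($i == "prob") i += 2       # optional "prob <value>"
            if (!($i in ok)) printf "%d: %s\n", NR, $0
        }
    ' "$1"
}

# Constructed sample ruleset; the first two rules use the format quoted in the message.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# loopback
add 00100 all ip from any to any via lo0
add 00200 deny ip from any to 127.0.0.0/8
add 00300 allow ip from any to any via lo0
add prob 0.5 deny ip from any to any
EOF
LINT_RESULT=$(lint_ipfw_rules "$sample")
rm -f "$sample"
echo "$LINT_RESULT"
```

Running the lint before a reboot catches a rule that ipfw would reject while the file is being loaded.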