From owner-freebsd-hackers  Fri Oct 16 18:04:00 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id SAA29849
          for freebsd-hackers-outgoing; Fri, 16 Oct 1998 18:04:00 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from gras-varg.worldgate.com (gras-varg.worldgate.com [198.161.84.12])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA29836
          for <freebsd-hackers@freebsd.org>; Fri, 16 Oct 1998 18:03:54 -0700 (PDT)
          (envelope-from skafte@gras-varg.worldgate.com)
Received: (from skafte@localhost)
	by gras-varg.worldgate.com (8.9.1a/8.9.1) id TAA01910
	for freebsd-hackers@freebsd.org; Fri, 16 Oct 1998 19:03:30 -0600 (MDT)
Message-ID: <19981016190330.C1571@worldgate.com>
Date: Fri, 16 Oct 1998 19:03:30 -0600
From: Greg Skafte <skafte@worldgate.com>
To: freebsd-hackers@FreeBSD.ORG
Subject: couple of quick patches
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=h31gzZEtNLTqOjlF
X-Mailer: Mutt 0.93.2i
Organization: WorldGate Inc.
X-PGP-Fingerprint: 42 9C 2C A8 4D 2B C9 C4  7D B6 00 B0 50 47 20 97
X-URL: http://gras-varg.worldgate.com/~skafte
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


--h31gzZEtNLTqOjlF
Content-Type: text/plain; charset=us-ascii

Attached are 2 patches that I've done a send-pr on 

patch 1 

added a changer definition for the HP SureStore 24x6 dds3 drive 

patch 2 

fixes a small problem in rc.conf. 
In rc.conf if you specify firewall="filename" the firewall does not load 

-- 
Email: skafte@worldgate.com	  Voice: +403 413 1910	  Fax: +403 421 4929
   #575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1 
--								          --
When things can't get any worse, they simplify themselves by getting a whole
lot worse then complicated. A complete and utter disaster is the simplest
thing in the world; it's preventing one that's complex.       (Janet Morris)

--h31gzZEtNLTqOjlF
Content-Type: text/plain; charset=us-ascii
Content-Description: patch for surestore 24x6 dds3 tape changer 
Content-Disposition: attachment; filename="changer.patch"

--- scsiconf.c	1998/10/16 20:34:15	1.1
+++ scsiconf.c	1998/10/16 20:35:53
@@ -357,6 +357,10 @@
 		T_CHANGER, T_CHANGER, T_REMOV, "SONY", "TSL-7000", "*",
 		"ch", SC_MORE_LUS
 	},
+	{
+		T_SEQUENTIAL, T_CHANGER, T_REMOV, "HP", "C1557A", "*",
+		"ch", SC_MORE_LUS, 
+	},
 #endif /* NCH */
 #if NCD > 0
 #ifndef UKTEST	/* make cdroms unrecognised to test the uk driver */

--h31gzZEtNLTqOjlF
Content-Type: text/plain; charset=us-ascii
Content-Description: fix rc.firewall to accept and execute filename 
Content-Disposition: attachment; filename="rc.firewall.patch"

--- /usr/src/etc/rc.firewall	Wed Sep 16 22:24:21 1998
+++ /etc/rc.firewall	Thu Jul  2 14:27:09 1998
@@ -1,10 +1,6 @@
 ############
 # Setup system for firewall service.
-# $Id: rc.firewall,v 1.6.2.9 1998/06/27 21:23:19 steve Exp $
-
-if [ -f /etc/rc.conf ]; then
-	. /etc/rc.conf
-fi
+# $Id: rc.firewall,v 1.6.2.5 1997/10/21 00:20:35 jkh Exp $
 
 ############
 # Define the firewall type in /etc/rc.conf.  Valid values are:
@@ -58,14 +54,6 @@
 $fwcmd -f flush
 
 ############
-# These rules are required for using natd.  All packets are passed to natd before
-# they encounter your remaining rules.  The firewall rules will then be run again
-# on each packet after translation by natd, minus any divert rules (see natd(8)).
-if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
-        $fwcmd add divert natd all from any to any via ${natd_interface}
-fi
-
-############
 # If you just configured ipfw in the kernel as a tool to solve network
 # problems or you just want to disallow some particular kinds of traffic
 # they you will want to change the default policy to open.  You can also
@@ -75,8 +63,8 @@
 
 ############
 # Only in rare cases do you want to change these rules
-$fwcmd add 100 pass all from any to any via lo0
-$fwcmd add 200 deny all from any to 127.0.0.0/8
+$fwcmd add 1000 pass all from any to any via lo0
+$fwcmd add 1010 deny all from 127.0.0.0/8 to 127.0.0.0/8
 
 
 # Prototype setups.
@@ -148,11 +136,8 @@
 
     # Stop RFC1918 nets on the outside interface
     $fwcmd add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
-    $fwcmd add deny all from any to 192.168.0.0:255.255.0.0 via ${oif}
     $fwcmd add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
-    $fwcmd add deny all from any to 172.16.0.0:255.240.0.0 via ${oif}
     $fwcmd add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
-    $fwcmd add deny all from any to 10.0.0.0:255.0.0.0 via ${oif}
 
     # Allow TCP through if setup succeeded
     $fwcmd add pass tcp from any to any established
@@ -183,5 +168,5 @@
     # Everything else is denied as default.
 
 elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
-	$fwcmd ${firewall_type}
+	. ${firewall_type}
 fi

--h31gzZEtNLTqOjlF--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message