Date: Wed, 13 Mar 2002 16:37:10 -0800 (PST) From: Peter J Jones <pjones@pmade.org> To: FreeBSD-gnats-submit@FreeBSD.org Subject: conf/35877: rc.firewall? does not setup lo0 Message-ID: <200203140037.g2E0bAb03963@pmade.org>
next in thread | raw e-mail | index | archive | help
>Number: 35877
>Category: conf
>Synopsis: rc.firewall? does not setup lo0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Mar 13 16:40:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Peter Jones
>Release: FreeBSD 4.5-STABLE i386
>Organization:
>Environment:
4.5-STABLE as of 03-12-2002
System: FreeBSD pmade.org 4.5-STABLE FreeBSD 4.5-STABLE #0: Tue Mar 12 19:47:49 PST 2002 pjones@pmade.org:/usr/src/sys/compile/KERNEL i386
>Description:
Default behavior of the /etc/rc.firewall and /etc/rc.firewall6 scripts
has changed for systems that use firewall_type="somefile", where somefile
is an exteral file with firewall rules. Before 4.5-STABLE the rc.firewall?
scripts would setup the loopback interface with the correct firewall rules.
The scripts no longer setup the loopback interface. I don't know if we
should update our firewall script or the rc.firewall? files. Here is a patch
anyway.
>How-To-Repeat:
cvsup to 4.5-STABLE. Use a firewall script. ipfw list.
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# rc.firewall.patch
# rc.firewall6.patch
#
echo x - rc.firewall.patch
sed 's/^X//' >rc.firewall.patch << 'END-of-rc.firewall.patch'
X--- rc.firewall.orig Wed Mar 13 16:15:04 2002
X+++ rc.firewall Wed Mar 13 16:16:03 2002
X@@ -294,6 +294,7 @@
X [Uu][Nn][Kk][Nn][Oo][Ww][Nn])
X ;;
X *)
X+ setup_loopback
X if [ -r "${firewall_type}" ]; then
X ${fwcmd} ${firewall_flags} ${firewall_type}
X fi
END-of-rc.firewall.patch
echo x - rc.firewall6.patch
sed 's/^X//' >rc.firewall6.patch << 'END-of-rc.firewall6.patch'
X--- rc.firewall6.orig Wed Mar 13 16:17:09 2002
X+++ rc.firewall6 Wed Mar 13 16:17:31 2002
X@@ -279,6 +279,7 @@
X [Uu][Nn][Kk][Nn][Oo][Ww][Nn])
X ;;
X *)
X+ setup_local
X if [ -r "${ipv6_firewall_type}" ]; then
X ${fw6cmd} ${ipv6_firewall_flags} ${ipv6_firewall_type}
X fi
END-of-rc.firewall6.patch
exit
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203140037.g2E0bAb03963>