Date: Wed, 22 Jan 2003 15:18:33 +0000 From: Daniel Bye <dan@slightlystrange.org> To: freebsd-questions@freebsd.org Subject: Re: questions about static ipfw rules Message-ID: <20030122151833.GA80680@catflap.home.slightlystrange.org> In-Reply-To: <Pine.BSI.4.21.0301220931310.19656-100000@granite.sover.net> References: <Pine.BSI.4.21.0301220931310.19656-100000@granite.sover.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 22, 2003 at 09:45:09AM -0500, Stephen D. Kingrea wrote: > running 4.7 with firewall, natd enabled kernel. i wish to create firewall > rules outside of the rc.firewall script that remain static across > reboots. to that end, i created a set (rc.firewall.rules), pointing > rc.conf to that set: > > firewall_enable="YES" > firewall_type="/etc/rc.firewall.rules" You should change "firewall_type" to "firewall_script". You should then find all works as you want. > natd_enable="YES".....etc.... > > /etc/rc.firewall.rules lines are in the format: > > add 00100 all ip from any to any via lo0 > add 00200 deny ip from any to 127.0.0.0/8 > .......etc..... > > is this right? when i boot to these conditions, and ipfw show, i get > the set that appears when i set firewall_type="OPEN" > > is this the proper format for rules in a static file? > > regards to all! > > stephen d. kingrea > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Daniel Bye PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc PGP Key fingerprint: 3D73 AF47 D448 C5CA 88B4 0DCF 849C 1C33 3C48 2CDC _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030122151833.GA80680>