Date: Mon, 23 Jul 2001 16:55:35 -0400 From: "Antoine Beaupre (LMC)" <Antoine.Beaupre@ericsson.ca> To: freebsd-security@FreeBSD.ORG Subject: rc.firewall change comments request Message-ID: <3B5C8F47.5050300@lmc.ericsson.se>
next in thread | raw e-mail | index | archive | help
Hi. I find that using a custom ruleset is a pain in the current rc.firewall setup. For example, since alternate setups are sourced using "ipfw" instead of the shell, you do not have access to valuable variables and conditionals, being limited to ipfw' syntax. I use conditionals and variables to make the config file more readable. I think that having a flat ipfw source file is unpractical and hard to maintain. What I suggest is to change the way of sourcing alternate config files. Instead of doing: *) if [ -r "${firewall_type}" ]; then ${fwcmd} ${firewall_flags} ${firewall_type} rc.firewall should be doing: *) if [ -r "${firewall_type}" ]; then . ${firewall_type}` What do you people think about that? Should I submit a pr? Thanks, A. -- Antoine Beaupré Jambala TCM team Ericsson Canada inc. mailto:antoine.beaupre@ericsson.ca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B5C8F47.5050300>