Date:      Mon, 23 Jul 2001 16:55:35 -0400
From:      "Antoine Beaupre (LMC)" <Antoine.Beaupre@ericsson.ca>
To:        freebsd-security@FreeBSD.ORG
Subject:   rc.firewall change comments request
Message-ID:  <3B5C8F47.5050300@lmc.ericsson.se>

Hi.

I find that using a custom ruleset is a pain in the current rc.firewall 
setup.

For example, since alternate setups are sourced using "ipfw" instead of 
the shell, you do not have access to valuable variables and 
conditionals, being limited to ipfw's syntax.

I use conditionals and variables to make the config file more readable.

I think that having a flat ipfw source file is unpractical and hard to 
maintain.

What I suggest is to change the way of sourcing alternate config files. 
Instead of doing:

*)
         if [ -r "${firewall_type}" ]; then
                 ${fwcmd} ${firewall_flags} ${firewall_type}

rc.firewall should be doing:

*)
         if [ -r "${firewall_type}" ]; then
                 . ${firewall_type}

What do you people think about that? Should I submit a pr?

Thanks,

A.
-- 
Antoine Beaupré
Jambala TCM team
Ericsson Canada inc.
mailto:antoine.beaupre@ericsson.ca
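
The sourcing approach proposed above, as an added example that is not part of the original message or of FreeBSD's rc.firewall: because `.` executes the file as shell code with the caller's privileges, the sketch checks ownership and permissions before sourcing. The names `load_ruleset` and `write_sample`, the dry-run default for `fwcmd`, and the sample ruleset are assumptions.

```sh
#!/bin/sh
# Added illustration: load_ruleset, write_sample and the ruleset are hypothetical.

# Source a ruleset as shell code, as the message proposes, but only when the
# file belongs to the invoking user (root at boot) and is not group- or
# world-writable: unlike "ipfw <file>", "." executes every line it reads.
load_ruleset() {
    ruleset=$1
    fwcmd=${fwcmd:-echo ipfw}   # dry run by default: print rules, do not load them
    [ -r "$ruleset" ] || { echo "cannot read $ruleset" >&2; return 1; }
    safe=$(find "$ruleset" -prune -user "$(id -u)" ! -perm -020 ! -perm -002)
    if [ -z "$safe" ]; then
        echo "refusing to source $ruleset: bad owner or writable by others" >&2
        return 1
    fi
    . "$ruleset"
}

# Constructed sample ruleset using variables and a conditional.
write_sample() {
    cat > "$1" <<'EOF'
oif="fxp0"
inet="192.0.2.0/24"
${fwcmd} add 100 pass all from any to any via lo0
if [ -n "${allow_ssh}" ]; then
    ${fwcmd} add 200 pass tcp from any to ${inet} 22 setup via ${oif}
fi
${fwcmd} add 65000 deny log ip from any to any
EOF
    chmod 600 "$1"
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir/rules.sh"
allow_ssh=YES
load_ruleset "$demo_dir/rules.sh"   # prints three "ipfw add ..." lines
chmod 666 "$demo_dir/rules.sh"
load_ruleset "$demo_dir/rules.sh" || echo "world-writable ruleset rejected"
rm -rf "$demo_dir"
```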
