From owner-freebsd-current  Thu Mar  6  0:33:24 2003
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8999937B401
	for <current@freebsd.org>; Thu,  6 Mar 2003 00:33:22 -0800 (PST)
Received: from edgemaster.zombie.org (edgemaster.creighton.edu [147.134.112.68])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 23C8343FAF
	for <current@freebsd.org>; Thu,  6 Mar 2003 00:33:22 -0800 (PST)
	(envelope-from smkelly@zombie.org)
Received: by edgemaster.zombie.org (Postfix, from userid 1001)
	id BDBEA39839; Thu,  6 Mar 2003 02:33:21 -0600 (CST)
Date: Thu, 6 Mar 2003 02:33:21 -0600
From: Sean Kelly <smkelly@zombie.org>
To: current@freebsd.org
Subject: /etc/rc.d/ipfw
Message-ID: <20030306083321.GB3045@edgemaster.zombie.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="nVMJ2NtxeReIH9PS"
Content-Disposition: inline
User-Agent: Mutt/1.5.3i
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG


--nVMJ2NtxeReIH9PS
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

the ipfw_start() function in /etc/rc.d/ipfw is missing a command:
     sysctl net.inet.ip.fw.enable=3D1

edgemaster# /etc/rc.d/ipfw restart
net.inet.ip.fw.enable: 1 -> 0
Flushed all rules.
=2E..
Firewall rules loaded, starting divert daemons:.
edgemaster# sysctl net.inet.ip.fw.enable
net.inet.ip.fw.enable: 0

This simple patch fixes it, and also changes a `sysctl` to a ${SYSCTL_W}.

--- ipfw.old	Thu Mar  6 02:22:37 2003
+++ ipfw	Thu Mar  6 02:31:58 2003
@@ -35,6 +35,7 @@
=20
 	if [ -r "${firewall_script}" ]; then
 		. "${firewall_script}"
+		${SYSCTL_W} net.inet.ip.fw.enable=3D1 >/dev/null
 		echo -n 'Firewall rules loaded, starting divert daemons:'
=20
 		# Network Address Translation daemon
@@ -63,7 +64,7 @@
 	! checkyesno firewall_logging && return 0
=20
 	echo 'Firewall logging=3DYES'
-	sysctl net.inet.ip.fw.verbose=3D1 >/dev/null
+	${SYSCTL_W} net.inet.ip.fw.verbose=3D1 >/dev/null
 }
=20
 load_rc_config $name

--=20
Sean Kelly         | PGP KeyID: D2E5E296
smkelly@zombie.org | http://www.zombie.org

--nVMJ2NtxeReIH9PS
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (FreeBSD)

iD8DBQE+ZwfRPm7A9NLl4pYRArReAJ9ZQW0FYaL9qnrv/fx3coFjwd2j9wCgjsqA
Pm6wjODb7mupfSk+fN5M98s=
=e4GB
-----END PGP SIGNATURE-----

--nVMJ2NtxeReIH9PS--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message