Date: 22 Apr 2001 11:07:42 +0200 From: Cyrille Lefevre <clefevre-lists@noos.fr> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: default ipfilter rules Message-ID: <g0f1b8v5.fsf@gits.dyndns.org> In-Reply-To: <20010419200217.U20830@speedy.gsinet> References: <005701c0c61e$728aa020$0200000a@satan> <n19dmsny.fsf@gits.dyndns.org> <20010419200217.U20830@speedy.gsinet>
next in thread | previous in thread | raw e-mail | index | archive | help
Gerhard Sittig <Gerhard.Sittig@gmx.net> writes: > On Thu, Apr 19, 2001 at 06:15 +0200, Cyrille Lefevre wrote: > > "Daryl Chance" <dchance@midsouth.rr.com> writes: > > > > > In light of the recent ipfilter problems, i was looking around > > > in /etc and noticed that theres no default ipf.rules or > > > ipfilter.rules. Is there a reason for this? ipfw has rc.firewall > > [snip] > > > > maybe the following files be installed in /usr/share/examples/ipf ? > > > > /usr/src/contrib/ipfilter/rules > > That's exactly what is referenced next to where the rules file is > specified (see the below search commands). What comes to mind is > the fact that not everybody has sources available while > /usr/share/examples is more probable to be installed (but yet > cannot be taken as a given). So the current situation might not > really be satisfactory for most binary only installations. for instance, I've done this : http://www.FreeBSD.org/cgi/query-pr.cgi?pr=26763 [snip] > opened). Preinstalled configuration can never be more than a > template since everybody has different requirements. Although I > guess rc.firewall "translation" into ipf(5) syntax will be > appreciated and accepted if provided and not only requested. :> about that, I've just discovered this tool which may do the job. http://coombs.anu.edu.au/~avalon/flc.html The Filter Language Compiler (flc) generates rules for the various packages which perform packet filtering from a common language. [snip] > Your .sig suits really fine into the thread. :) well, this sentence is very popular, but can't remember who wrote it ? Cyrille. -- home: mailto:clefevre@poboxes.com UNIX is user-friendly; it's just particular work: mailto:Cyrille.Lefevre@edf.fr about who it chooses to be friends with. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?g0f1b8v5.fsf>