From owner-freebsd-questions@FreeBSD.ORG  Wed Jun 29 04:35:00 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 11D9916A41C
	for <freebsd-questions@freebsd.org>;
	Wed, 29 Jun 2005 04:35:00 +0000 (GMT)
	(envelope-from freebsd@meijome.net)
Received: from sigma.octantis.com.au (sigma.octantis.com.au [207.44.188.23])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B70DA43D1F
	for <freebsd-questions@freebsd.org>;
	Wed, 29 Jun 2005 04:34:59 +0000 (GMT)
	(envelope-from freebsd@meijome.net)
Received: (qmail 2705 invoked from network); 29 Jun 2005 14:34:59 +1000
Received: from andromeda.lef.com.au (HELO ?10.168.101.24?) (210.8.93.2)
	by sigma.octantis.com.au with (DHE-RSA-AES256-SHA encrypted) SMTP;
	29 Jun 2005 14:34:59 +1000
Message-ID: <42C224E2.1070003@meijome.net>
Date: Wed, 29 Jun 2005 14:34:42 +1000
From: Norberto Meijome <freebsd@meijome.net>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@freebsd.org>
References: <MIEPLLIBMLEEABPDBIEGCEOCHHAA.fbsd_user@a1poweruser.com>	<1120015025.659.12.camel@chaucer>
	<42C21862.6010700@daleco.biz>
In-Reply-To: <42C21862.6010700@daleco.biz>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: Shell script help
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jun 2005 04:35:00 -0000

Kevin Kinsey wrote:
> 
> =================
> 
> # Rule number variable
>   RuleNum=100
> 
> #################################
> # this function increments $RulNum var by 100... #
> #################################
> 
> inc () {
>   RuleNum=$(expr $1 "+" 100)
> }
> 
> 
> ##################
> #   LET'S GET STARTED   #
> ##################
> 
> # flush the ruleset ...
>   /sbin/ipfw -q flush
> 
> # set up the loopback ...
>   $FW $RuleNum allow ip from any to any via $loopback
>   inc $RuleNum
> 
> # deny localhost traffic on other interfaces
>   $FW $RuleNum deny ip from 127.0.0.0/8 to any
>   inc $RuleNum
>   $FW $RuleNum deny ip from any to 127.0.0.0/8
>   inc $RuleNum
> 
> ==================

nice use...but what's the point ? ipfw assigns rule #s automatically.

I agree that you may want to hardcode your rule #s (0-100 for localhost, 
200 - 5000 for LAN, etc) but using your inc() process defeats the 
purpose of this.

just my $0.02
Beto