From owner-freebsd-questions@FreeBSD.ORG  Thu May 22 06:11:47 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1D85D37B401
	for <freebsd-questions@freebsd.org>;
	Thu, 22 May 2003 06:11:47 -0700 (PDT)
Received: from hotmail.com (f152.sea1.hotmail.com [207.68.163.152])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9F0E443F93
	for <freebsd-questions@freebsd.org>;
	Thu, 22 May 2003 06:11:46 -0700 (PDT)
	(envelope-from c_longfoot@hotmail.com)
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC;
	 Thu, 22 May 2003 06:11:46 -0700
Received: from 192.6.76.72 by sea1fd.sea1.hotmail.msn.com with HTTP;
	Thu, 22 May 2003 13:11:46 GMT
X-Originating-IP: [192.6.76.72]
X-Originating-Email: [c_longfoot@hotmail.com]
From: "Carolyn Longfoot" <c_longfoot@hotmail.com>
To: philip.payne@uk.mci.com
Date: Thu, 22 May 2003 09:11:46 -0400
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-ID: <Sea1-F1529QYVIdbg9x000280da@hotmail.com>
X-OriginalArrivalTime: 22 May 2003 13:11:46.0489 (UTC)
	FILETIME=[B27CF290:01C32063]
cc: freebsd-questions@freebsd.org
Subject: RE: Update Firewall Rules
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 22 May 2003 13:11:47 -0000

Thanks to all who replied, lots of food for thought!

Maybe my setup is a little different than what people use because I have 
different rule sets in /etc/rc.firewall (which is the default with OPEN, 
SIMPLE and CLIENT) and one of them is configured in /etc/rc.conf.

So my question is how I change from one rule set to another that is defined 
in rc.firewall. The problem should simply be how to pass the parameter (and 
to what) because
sh /etc/rc.firewall OPEN
does not work, this simply reloads the same rule set that's defined in 
/etc/rc.conf.

Good advice against lock-outs though. Is generally the preferred approach to 
use different files for different rules, rather than keep sets in 
/etc/rc.firewall? And if so, how do you set this up in /etc/rc.conf, since 
the firewall type by default looks at rc.firewall...

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail