Date: Thu, 22 May 2003 16:05:36 +0200 From: Nils Vogels <nivo+freebsd-questions@yuckfou.org> To: freebsd-questions@freebsd.org Subject: Re: Update Firewall Rules Message-ID: <20030522140536.GJ10795@imhotep.yuckfou.org> In-Reply-To: <Sea1-F1529QYVIdbg9x000280da@hotmail.com> References: <Sea1-F1529QYVIdbg9x000280da@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 22, 2003 at 09:11:46AM -0400, Carolyn Longfoot (CL) wrote: CL> CL> Good advice against lock-outs though. Is generally the preferred approach CL> to use different files for different rules, rather than keep sets in CL> /etc/rc.firewall? And if so, how do you set this up in /etc/rc.conf, since CL> the firewall type by default looks at rc.firewall... Having a look at /etc/defaults/rc.conf: firewall_enable="NO" # Set to YES to enable firewall functionality firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to suppress rule display firewall_logging="NO" # Set to YES to enable events logging firewall_flags="" # Flags passed to ipfw when type is a file So, if you would set firewall_script to some homegrown script that setups up your firewall for you, instead of the default rc.firewall, all should be fine and dandy :) Grtz, Nils.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030522140536.GJ10795>