From owner-svn-src-stable-11@freebsd.org Thu Mar 29 13:20:42 2018 Return-Path: Delivered-To: svn-src-stable-11@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D03D2F75AF3; Thu, 29 Mar 2018 13:20:42 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 38B816D86E; Thu, 29 Mar 2018 13:20:41 +0000 (UTC) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: from pdx.rh.CN85.dnsmgr.net (localhost [127.0.0.1]) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3) with ESMTP id w2TDKelu063089; Thu, 29 Mar 2018 06:20:40 -0700 (PDT) (envelope-from freebsd@pdx.rh.CN85.dnsmgr.net) Received: (from freebsd@localhost) by pdx.rh.CN85.dnsmgr.net (8.13.3/8.13.3/Submit) id w2TDKej2063088; Thu, 29 Mar 2018 06:20:40 -0700 (PDT) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <201803291320.w2TDKej2063088@pdx.rh.CN85.dnsmgr.net> Subject: Re: svn commit: r331728 - in stable/11/etc: . rc.d In-Reply-To: <201803290451.w2T4p8NK035072@repo.freebsd.org> To: Marcelo Araujo Date: Thu, 29 Mar 2018 06:20:40 -0700 (PDT) CC: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Reply-To: rgrimes@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Mar 2018 13:20:43 -0000 > Author: araujo > Date: Thu Mar 29 04:51:07 2018 > New Revision: 331728 > URL: https://svnweb.freebsd.org/changeset/base/331728 > > Log: > MFC r329817: I must of missed this when it landed in ^/head > The firewall_type is ignored if not set in rc.conf or rc.conf.local, > after r190575 there is an option to call rc.firewall with the firewall_type > passed in as an argument. > > Submitted by: David P. Discher > Sponsored by: iXsystems Inc. > Differential Revision: https://reviews.freebsd.org/D14286 No one accepted it :-(. > Modified: > stable/11/etc/rc.d/ipfw > stable/11/etc/rc.firewall > Directory Properties: > stable/11/ (props changed) > > Modified: stable/11/etc/rc.d/ipfw > ============================================================================== > --- stable/11/etc/rc.d/ipfw Thu Mar 29 04:41:45 2018 (r331727) > +++ stable/11/etc/rc.d/ipfw Thu Mar 29 04:51:07 2018 (r331728) > @@ -40,7 +40,11 @@ ipfw_start() > { > local _firewall_type > > - _firewall_type=$1 > + if [ -n "${1}" ]; then > + _firewall_type=$1 > + else > + _firewall_type=${firewall_type} > + fi > > # set the firewall rules script if none was specified > [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall > > Modified: stable/11/etc/rc.firewall > ============================================================================== > --- stable/11/etc/rc.firewall Thu Mar 29 04:41:45 2018 (r331727) > +++ stable/11/etc/rc.firewall Thu Mar 29 04:51:07 2018 (r331728) > @@ -112,12 +112,20 @@ setup_ipv6_mandatory() { > ${fwcmd} add pass ipv6-icmp from any to any icmp6types 2,135,136 > } > > +. /etc/rc.subr > +. /etc/network.subr > + > if [ -n "${1}" ]; then > firewall_type="${1}" > fi > +if [ -z "${firewall_rc_config_load}" ]; then > + load_rc_config ipfw > +else > + for i in ${firewall_rc_config_load}; do > + load_rc_config $i > + done > +fi firewall_rc_config_load is undocumented and missing from /etc/defaults/rc.conf. > > -. /etc/rc.subr > -. /etc/network.subr > afexists inet6 > ipv6_available=$? -- Rod Grimes rgrimes@freebsd.org