From owner-freebsd-security Tue Jul 24 6:34:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from imr2.ericy.com (imr2.ericy.com [12.34.240.68]) by hub.freebsd.org (Postfix) with ESMTP id 2543F37B403; Tue, 24 Jul 2001 06:34:19 -0700 (PDT) (envelope-from Antoine.Beaupre@ericsson.ca) Received: from mr5.exu.ericsson.se (mr5att.ericy.com [138.85.92.13]) by imr2.ericy.com (8.11.3/8.11.3) with ESMTP id f6ODYI520875; Tue, 24 Jul 2001 08:34:18 -0500 (CDT) Received: from noah.lmc.ericsson.se (noah.lmc.ericsson.se [142.133.1.1]) by mr5.exu.ericsson.se (8.11.3/8.11.3) with ESMTP id f6ODYHr29866; Tue, 24 Jul 2001 08:34:18 -0500 (CDT) Received: from lmc35.lmc.ericsson.se (lmc35.lmc.ericsson.se [142.133.16.175]) by noah.lmc.ericsson.se (8.11.2/8.9.2) with ESMTP id f6ODYGA13607; Tue, 24 Jul 2001 09:34:16 -0400 (EDT) Received: by lmc35.lmc.ericsson.se with Internet Mail Service (5.5.2653.19) id ; Tue, 24 Jul 2001 09:34:15 -0400 Received: from lmc.ericsson.se (lmcpc100455.pc.lmc.ericsson.se [142.133.23.150]) by LMC37.lmc.ericsson.se with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PRG01APM; Tue, 24 Jul 2001 09:34:09 -0400 From: "Antoine Beaupre (LMC)" To: Gregory Neil Shapiro Cc: freebsd-security@FreeBSD.ORG Message-ID: <3B5D7950.8070906@lmc.ericsson.se> Date: Tue, 24 Jul 2001 09:34:08 -0400 Organization: LMC, Ericsson Research Canada User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:0.9.2+) Gecko/20010717 X-Accept-Language: en,fr-CA,fr MIME-Version: 1.0 Subject: Re: rc.firewall change comments request References: <3B5C8F47.5050300@lmc.ericsson.se> <15196.44529.197423.239149@horsey.gshapiro.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Gregory Neil Shapiro wrote: > Antoine.Beaupre> For example, since alternate setups are sourced using > Antoine.Beaupre> "ipfw" instead of the shell, you do not have access to > Antoine.Beaupre> valuable variables and conditionals, being limited to > Antoine.Beaupre> ipfw' syntax. > > Antoine.Beaupre> I use conditionals and variables to make the config file > Antoine.Beaupre> more readable. > > Antoine.Beaupre> I think that having a flat ipfw source file is unpractical > Antoine.Beaupre> and hard to maintain. > > Why not just set firewall_script in your /etc/rc.conf? > > firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall Ah-ah! I knew there was something I was missing. Sorry for the lame complaining. :) A. -- Antoine Beaupré Jambala TCM team Ericsson Canada inc. mailto:antoine.beaupre@ericsson.ca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message