From owner-freebsd-current@FreeBSD.ORG Sat Jun 14 00:44:59 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1003D37B401 for ; Sat, 14 Jun 2003 00:44:59 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-104-32.dsl.lsan03.pacbell.net [64.169.104.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5668D43FBD for ; Sat, 14 Jun 2003 00:44:58 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 2610D66B9B for ; Sat, 14 Jun 2003 00:44:58 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id F1E4BB77; Sat, 14 Jun 2003 00:44:57 -0700 (PDT) Date: Sat, 14 Jun 2003 00:44:57 -0700 From: Kris Kennaway To: current@FreeBSD.org Message-ID: <20030614074457.GA28169@rot13.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6TrnltStXW4iwmi0" Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: rc.firewall not executed? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2003 07:44:59 -0000 --6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I just noticed that my ipfw rules were not loaded the last time I rebooted. My rc.conf is included below - has something changed recently so that these settings are not enough? I didn't see anything relevant in UPDATING. My /etc/firewall.conf exists and is readable (and unchanged since 2002). Kris ---- # $FreeBSD: src/etc/defaults/rc.conf,v 1.156 2002/08/30 13:01:42 hm Exp $ hostname="citusc17.usc.edu" # Set this! nisdomainname="cituscdomain" # Set to NIS domain if using NIS (or NO). firewall_enable="YES" # Set to YES to enable firewall functionality firewall_type="/etc/firewall.conf" # Firewall type (see /etc/rc.firewall) sshd_enable="YES" # Enable sshd nfs_client_enable="YES" # This host is an NFS client (or NO). rpc_lockd_enable="YES" # Run NFS rpc.lockd needed for client/server. rpc_statd_enable="YES" # Run NFS rpc.statd needed for client/server. rpcbind_enable="YES" # Run the portmapper service (YES/NO). ntpd_enable="YES" # Run ntpd Network Time Protocol (or NO). nis_client_enable="YES" # We're an NIS client (or NO). defaultrouter="128.125.38.254" # Set to default gateway (or NO). keyrate="fast" # keyboard rate to: slow, normal, fast (or NO). moused_enable="yes" # Run the mouse daemon. moused_type="ps/2" # See man page for rc.conf(5) for available settings. lpd_enable="YES" # Run the line printer daemon. dumpdev="/dev/ad0s1b" # Device name to crashdump to (or NO). network_interfaces="lo0 xl0" ifconfig_xl0="inet 128.125.38.177 netmask 0xffff0000" named_enable="YES" # Run named, the DNS server (or NO). named_program="/usr/sbin/named" # path to named, if you want a different one. named_flags="-u bind -g bind" # Flags for named named_chrootdir="/var/chroot/named" # Chroot directory (or "" not to auto-chroot it) named_chroot_autoupdate="YES" # Automatically install/update chrooted # components of named. See /etc/rc.d/named. named_symlink_enable="YES" # Symlink /var/run/named.pid and /var/run/ndc # to their chrooted counterparts. sendmail_enable="YES" sendmail_flags="-bd" sendmail_outbound_enable="NO" sendmail_submit_enable="NO" sendmail_msp_queue_enable="NO" --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+6tJ5Wry0BWjoQKURAljjAKDWT7Rimfw5yH6EuNokefcmnP4grQCggrN3 BDue4n6LjNjC1QDxMRI3ZQw= =HAJe -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0--