From owner-freebsd-ipfw@FreeBSD.ORG  Wed Dec 22 16:47:34 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DBBF016A4CE
	for <freebsd-ipfw@freebsd.org>; Wed, 22 Dec 2004 16:47:34 +0000 (GMT)
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.203])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8BA7543D41
	for <freebsd-ipfw@freebsd.org>; Wed, 22 Dec 2004 16:47:29 +0000 (GMT)
	(envelope-from surricani@gmail.com)
Received: by wproxy.gmail.com with SMTP id 55so140wri
        for <freebsd-ipfw@freebsd.org>; Wed, 22 Dec 2004 08:46:45 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding;
	b=MXUrhYAGVAoHC2iJ5wgfBq91ymDQ5pgFZVJGRrJWFxWgaYgy+04ooz7ArVQhyZjYfets6HOdQPFG8BS39YAtvK1BSR3AZZSk9F42wp941/a52NLPGErL6Yl5aq41KHPieEZyn6+r/hnyEhwpKcleiMf4fxzRVk/XXz+vtLO/oDo=
Received: by 10.54.42.56 with SMTP id p56mr34393wrp;
        Wed, 22 Dec 2004 08:46:45 -0800 (PST)
Received: by 10.54.2.66 with HTTP; Wed, 22 Dec 2004 08:46:45 -0800 (PST)
Message-ID: <4591fd910412220846d2c92cd@mail.gmail.com>
Date: Wed, 22 Dec 2004 17:46:45 +0100
From: "Dott. Surricani" <surricani@gmail.com>
To: freebsd-ipfw@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: problem with IPFILTER
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: "Dott. Surricani" <surricani@gmail.com>
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2004 16:47:35 -0000

Hello everybody.

I've succesfully set up an Inclusive Firewall for my small Lan, how
explained in Chapter 24 of the Handbook,
with IPFILTER and ipnat (Either with kld modules).
I've included in rc.conf the lines neeeded and i've written custom
ipf.rules and ipnat.rules...

It's super, and work great, but I've got a problem/question:

each time I restart the server the rules are cleared and It leave all
packets enter and exit
an I have to type in the shell

ipf -Fa -f /etc/ipf.rules and
ipnat -CF -f /etc/ipnat.rules

It's very boring....

What I can do to automate this task?


Thanks all very much!!!!