Date: Wed, 22 Dec 2004 11:16:28 -0800 From: Brooks Davis <brooks@one-eyed-alien.net> To: "Dott. Surricani" <surricani@gmail.com> Cc: freebsd-ipfw@freebsd.org Subject: Re: problem with IPFILTER Message-ID: <20041222191628.GA15881@odin.ac.hmc.edu> In-Reply-To: <4591fd910412220846d2c92cd@mail.gmail.com> References: <4591fd910412220846d2c92cd@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Dec 22, 2004 at 05:46:45PM +0100, Dott. Surricani wrote: > Hello everybody. >=20 > I've succesfully set up an Inclusive Firewall for my small Lan, how > explained in Chapter 24 of the Handbook, > with IPFILTER and ipnat (Either with kld modules). > I've included in rc.conf the lines neeeded and i've written custom > ipf.rules and ipnat.rules... >=20 > It's super, and work great, but I've got a problem/question: >=20 > each time I restart the server the rules are cleared and It leave all > packets enter and exit > an I have to type in the shell >=20 > ipf -Fa -f /etc/ipf.rules and > ipnat -CF -f /etc/ipnat.rules >=20 > It's very boring.... >=20 > What I can do to automate this task? Search for ipfilter and ipnat in /etc/defaults/rc.conf to find the appropriate variables to set in your /etc/rc.conf. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFBycgLXY6L6fI4GtQRAiSpAJ0V6EVG6J8ak369KTI/9TkvVN5jVACgnqAI W1C61Cw/3ZNVPIhE2Y+vT6s= =6Y7p -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041222191628.GA15881>