From owner-freebsd-current@FreeBSD.ORG  Sat Feb 14 12:29:04 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id DFCCE16A4CE
	for <current@freebsd.org>; Sat, 14 Feb 2004 12:29:04 -0800 (PST)
Received: from out007.verizon.net (out007pub.verizon.net [206.46.170.107])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9C4A343D1D
	for <current@freebsd.org>; Sat, 14 Feb 2004 12:29:04 -0800 (PST)
	(envelope-from cswiger@mac.com)
Received: from mac.com ([68.160.202.196]) by out007.verizon.net
          (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP
          id <20040214202903.YXTD13340.out007.verizon.net@mac.com>;
          Sat, 14 Feb 2004 14:29:03 -0600
Message-ID: <402E850B.6000408@mac.com>
Date: Sat, 14 Feb 2004 15:28:59 -0500
From: Chuck Swiger <cswiger@mac.com>
Organization: The Courts of Chaos
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
	rv:1.6) Gecko/20040113
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Dima Dorfman <dima@trit.org>
References: <20040213113134.GA11021@gvr.gvr.org> <xzpn07nawqu.fsf@dwp.des.no>
	<20040213144338.GA13380@gvr.gvr.org> <xzpad3nhtfv.fsf@dwp.des.no>
	<20040213154946.GA14227@gvr.gvr.org> <xzp1xozhsx4.fsf@dwp.des.no>
	<20040214002857.GB7396@trit.org>
In-Reply-To: <20040214002857.GB7396@trit.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-Authentication-Info: Submitted using SMTP AUTH at out007.verizon.net from
	[68.160.202.196] at Sat, 14 Feb 2004 14:29:03 -0600
cc: current@freebsd.org
Subject: Re: usb devices and devfs settings
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Feb 2004 20:29:05 -0000

Dima Dorfman wrote:
> Dag-Erling Sm?rgrav <des@des.no> wrote:
>>(like ipfw does);
> 
> ipfw(8) doesn't actually read from a file; rc.firewall calls ${fwcmd}
> explicitly for each rule.

While the mode of operation you describe is the default behavior, please note 
that /etc/rc.firewall ends with:

         if [ -r "${firewall_type}" ]; then
                 ${fwcmd} ${firewall_flags} ${firewall_type}
         fi

If you set firewall_type to the name of a file,ipfw will happy read one rule 
per line from that file via a pre-processor like cpp (or cat)...

-- 
-Chuck