From owner-freebsd-current@FreeBSD.ORG Sun Jun 15 17:28:05 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B5BD37B401 for ; Sun, 15 Jun 2003 17:28:05 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-104-32.dsl.lsan03.pacbell.net [64.169.104.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98E5743F3F for ; Sun, 15 Jun 2003 17:28:04 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 6077466B9B; Sun, 15 Jun 2003 17:28:04 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 4F33CAE9; Sun, 15 Jun 2003 17:28:04 -0700 (PDT) Date: Sun, 15 Jun 2003 17:28:04 -0700 From: Kris Kennaway To: Andre Guibert de Bruet Message-ID: <20030616002804.GA33512@rot13.obsecurity.org> References: <20030614074457.GA28169@rot13.obsecurity.org> <20030615093433.Q31662@alpha.siliconlandmark.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="C7zPtVaVf+AK4Oqc" Content-Disposition: inline In-Reply-To: <20030615093433.Q31662@alpha.siliconlandmark.com> User-Agent: Mutt/1.4.1i cc: current@freebsd.org cc: Kris Kennaway Subject: Re: rc.firewall not executed? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 00:28:05 -0000 --C7zPtVaVf+AK4Oqc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jun 15, 2003 at 09:36:23AM -0400, Andre Guibert de Bruet wrote: >=20 > On Sat, 14 Jun 2003, Kris Kennaway wrote: >=20 > > I just noticed that my ipfw rules were not loaded the last time I > > rebooted. My rc.conf is included below - has something changed > > recently so that these settings are not enough? I didn't see anything > > relevant in UPDATING. My /etc/firewall.conf exists and is readable > > (and unchanged since 2002). > > > > Kris > > > > ---- > > # $FreeBSD: src/etc/defaults/rc.conf,v 1.156 2002/08/30 13:01:42 hm Exp= $ > > hostname=3D"citusc17.usc.edu" # Set this! > > nisdomainname=3D"cituscdomain" # Set to NIS domain if using NIS (or = NO). > > firewall_enable=3D"YES" # Set to YES to enable firewall funct= ionality > > firewall_type=3D"/etc/firewall.conf" # Firewall type (see /etc/rc.= firewall) > ^^^^^^^^^^^^^^^^^^ > This is wrong. Set it to "UNKNOWN". There's firewall_script for that. Nope..read rc.firewall(5) :-) Kris --C7zPtVaVf+AK4Oqc Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE+7Q8TWry0BWjoQKURArnuAKC+9188CBHZC5uNoWhyK4/mp4mcFQCgigki msfTbLdTdKvxJ9A5y8e5kUg= =Ttje -----END PGP SIGNATURE----- --C7zPtVaVf+AK4Oqc--