Date: Tue, 17 Sep 1996 16:48:34 +1000 (EST) From: "Daniel O'Callaghan" <danny@panda.hilink.com.au> To: freebsd-hackers@freebsd.org Subject: IPFW sysconfig and netstart niceties Message-ID: <Pine.BSF.3.91.960917161134.384E-100000@panda.hilink.com.au>
next in thread | raw e-mail | index | archive | help
Perhaps some committer who thinks that too many people are tripping over the "IPFW Policy Deny" would like to review the diffs to sysconfig and netstat below. It's only cosmetic, but appearances do count. Thanks, Danny *** sysconfig.orig Tue Sep 17 16:10:12 1996 --- sysconfig Tue Sep 17 16:10:02 1996 *************** *** 196,201 **** --- 196,202 ---- gateway=YES # If you want this host to be a firewall or otherwise filter IP, set to YES. + # If you wish to turn off filtering in the kernel, set to OFF. firewall=NO # Set to YES if you wish to check quotas. ----- *** netstart.orig Tue Sep 17 14:42:40 1996 --- netstart Tue Sep 17 16:08:22 1996 *************** *** 24,31 **** fi # If IP filtering ! if [ -n "$firewall" -a "x$firewall" != "xNO" -a -f /etc/rc.firewall ] ; then sh /etc/rc.firewall fi # --- 24,49 ---- fi # If IP filtering ! /sbin/ipfw flush > /dev/null 2>&1 ! ! if [ $? = 0 ] ; then ! # IPFIREWALL is in kernel ! if [ "x$firewall" = "xYES" -a -f /etc/rc.firewall ] ; then sh /etc/rc.firewall + else + if [ "x$firewall" = "xOFF" ] ; then + /sbin/ipfw add 65000 pass all from any to any + else + echo "Warning: ipfw in kernel not configured - all IP is blocked." + echo " Please read /etc/sysconfig and /etc/rc.firewall" + fi + fi + else + # IPFIREWALL is not in kernel + if [ "x$firewall" = "xYES" ] ; then + echo "Warning: ipfirewall not in kernel - IP filtering is not available." + fi + fi #
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960917161134.384E-100000>