Date: Thu, 25 Oct 2001 03:27:43 +0300 From: Giorgos Keramidas <charon@labs.gr> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: Darren Reed <darrenr@freebsd.org>, hackers@freebsd.org Subject: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network) Message-ID: <20011025032742.A4399@hades.hell.gr>
next in thread | raw e-mail | index | archive | help
On Tue, Oct 23, 2001 at 07:45:11PM +0200, Gerhard Sittig wrote: > > I get the feeling this - inappropriate - setting of a _program > variable is due to my misguided suggestion in PR conf/20202 > which verbatimly made it into the FreeBSD start scripts. If it > doesn't fit the usual rules feel free to correct it! :) After > all I was a newbee to FreeBSD then (and still I'm not a guru or > seasoned hacker:) as well as I understand Darren to do his > daytime job with SunOS / Solaris and since he might need some > hints on how his software fits even better into FreeBSD. I guess > he will happily accept patches improving a wrong approach. > > Maybe there's need for the following parts: > - ipfilter_program > - ipfilter_prerules_flags > - ipfilter_rules > - ipfilter_postrules_flags > ? The current situation comes from the fact that I wanted to > have a single variable with the rules file only - to check for > its existance (if such an additional constraints check matters). Done. I tested on my -current (compiled on Oct 22) the patch you can find at http://labs.gr/~charon/patches/diff.04.ipf-rc-U It is functionally equivalent to our current rc.network behavior, but it uses the variables you proposed, and it moves all the flags out of all the XXX_program variables. Comments on this are more than welcome... -giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011025032742.A4399>