Date: Fri, 30 Jan 2004 22:07:24 -0600 From: Eric F Crist <ecrist@adtechintegrated.com> To: <Barbish3@adelphia.net> Cc: freebsd-questions@freebsd.org Subject: Re: where am I supposed to put my rc.firewall? Message-ID: <200401302207.35047.ecrist@adtechintegrated.com> In-Reply-To: <MIEPLLIBMLEEABPDBIEGAECKFHAA.Barbish3@adelphia.net> References: <MIEPLLIBMLEEABPDBIEGAECKFHAA.Barbish3@adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Boundary-02=_HoyGAd6iiuS89dV Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline On Friday 30 January 2004 09:34 pm, JJB wrote: > firewall_type=3D"/etc/grog.firewall" > > is wrong, replace it with > > firewall_srcipt=3D'/etc/grog.firewall ' > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Eric F > Crist > Sent: Friday, January 30, 2004 8:48 PM > To: Chuck Swiger > Cc: freebsd-questions@freebsd.org > Subject: Re: where am I supposed to put my rc.firewall? > > On Friday 30 January 2004 06:54 pm, Chuck Swiger wrote: > > Eric F Crist wrote: > > > I'm trying to add IPFW support. Where do I put my rc.firewall > > so that it > > > > gets read at boot time? I've tried /usr/local/etc/rc.d and /etc > > but > > > > neither seems to get read. > > > > Specify the location of your firewall script in /etc/rc.conf like > > so: > > firewall_enable=3D'YES' > > firewall_type=3D'/etc/ERICS_firewall' > > firewall_flags=3D'-p /usr/bin/cpp' > > > > [ You might choose to use some other preprocessor... ] > > Well, here's what I have now. I have a file in /etc called > grog.firewall. > It's contents are: > > grog# more grog.firewall > ipfw -f flush > ipfw add 100 pass all from any to any via lo0 > ipfw add 200 deny all from any to 127.0.0.0/8 > ipfw add 300 deny ip from 127.0.0.0/8 to any > ipfw add 600 allow all from any to any > > In my /etc/rc.conf file, I have the following two entries pertaining > to the > firewall: > > firewall_enable=3D"YES" > firewall_type=3D"/etc/grog.firewall" > > Now, this is a headless system, so I access it through the serial > port. I > don't see any errors anywhere, but my ipfw show command, immediately > after > boot, shows: > > 65535 481 38684 deny ip from any to any > > What have I done wrong? > -- > Eric F Crist > AdTech Integrated Systems, Inc > (612) 998-3588 Ok, I'll change that. This script still seems to cause connection problems= =2E =20 Which rules do I need to change? This should be a wide-open firewall scrip= t,=20 right? TIA =2D-=20 Eric F Crist AdTech Integrated Systems, Inc (612) 998-3588 --Boundary-02=_HoyGAd6iiuS89dV Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQBAGyoHzdyDbTMRQIYRAjk/AJ0fILp/yBwKRgoRuZvsvu7+O7TTswCgnMOQ P3s1lnkp61fKHw9HQ+jC7Es= =q0v7 -----END PGP SIGNATURE----- --Boundary-02=_HoyGAd6iiuS89dV--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401302207.35047.ecrist>