Date: Thu, 22 Feb 2018 06:38:04 -0800 (PST) From: "Rodney W. Grimes" <freebsd@pdx.rh.CN85.dnsmgr.net> To: Marcelo Araujo <araujo@freebsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r329817 - in head/etc: . rc.d Message-ID: <201802221438.w1MEc4am091593@pdx.rh.CN85.dnsmgr.net> In-Reply-To: <201802220825.w1M8PeqT049430@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Author: araujo > Date: Thu Feb 22 08:25:39 2018 > New Revision: 329817 > URL: https://svnweb.freebsd.org/changeset/base/329817 > > Log: > The firewall_type is ignored if not set in rc.conf or rc.conf.local, > after r190575 there is an option to call rc.firewall with the firewall_type > passed in as an argument. > > Submitted by: David P. Discher <dpd@dpdtech.com> > MFC after: 3 weeks. > Sponsored by: iXsystems Inc. > Differential Revision: https://reviews.freebsd.org/D14286 > > Modified: > head/etc/rc.d/ipfw > head/etc/rc.firewall > > Modified: head/etc/rc.d/ipfw > ============================================================================== > --- head/etc/rc.d/ipfw Thu Feb 22 05:44:00 2018 (r329816) > +++ head/etc/rc.d/ipfw Thu Feb 22 08:25:39 2018 (r329817) > @@ -40,7 +40,11 @@ ipfw_start() > { > local _firewall_type > > - _firewall_type=$1 > + if [ -n "${1}" ]; then > + _firewall_type=$1 > + else > + _firewall_type=${firewall_type} > + fi > > # set the firewall rules script if none was specified > [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall > > Modified: head/etc/rc.firewall > ============================================================================== > --- head/etc/rc.firewall Thu Feb 22 05:44:00 2018 (r329816) > +++ head/etc/rc.firewall Thu Feb 22 08:25:39 2018 (r329817) > @@ -112,12 +112,20 @@ setup_ipv6_mandatory() { > ${fwcmd} add pass ipv6-icmp from any to any icmp6types 2,135,136 > } > > +. /etc/rc.subr > +. /etc/network.subr > + > if [ -n "${1}" ]; then > firewall_type="${1}" > fi > +if [ -z "${firewall_rc_config_load}" ]; then > + load_rc_config ipfw > +else > + for i in ${firewall_rc_config_load}; do > + load_rc_config $i > + done > +fi There is no documentation of firewall_rc_config_load. > -. /etc/rc.subr > -. /etc/network.subr > afexists inet6 > ipv6_available=$? -- Rod Grimes rgrimes@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802221438.w1MEc4am091593>