Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 30 Jun 1998 21:37:55 +0200 (CEST)
From:      Markus Holmberg <saska@acc.umu.se>
To:        jkh@FreeBSD.ORG
Subject:   ipfw startup script "bug" in 2.2.6-STABLE
Message-ID:  <Pine.LNX.3.96.980630213021.23800A-100000@hirohito.acc.umu.se>

next in thread | raw e-mail | index | archive | help
Heya..

I just wanted to notice that the below config in /etc/rc.conf will result
in that the ipfw-rules are not loaded at startup since ipfw won't
understand.. I tried manually "ipfw -q /etc/firewall.conf" and it results
in that ipfw shows usage instead and doesn't load rules.

firewall_type="/etc/firewall.conf"      # Firewall type (see /etc/rc.firewall)
firewall_quiet="YES"                    # Set to YES to suppress rule display

The man page for ipfw doesn't say "ipfw -q filename" is a valid way of
using it.. This could potentially result in that someone who wouldn't
check their startupmsg could get either locked out (if denydefault) or an
all open machine (if allowdefault)....

This problem won't occur if firewall_quiet is set to "NO" (obviously since
-q isn't involved in that case)

OK, just wanted to note it, i'm no expert so i apologize for any ignorance
or errors in this report..

Best Regards, Markus Holmberg.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.980630213021.23800A-100000>