Date: Tue, 30 Jun 1998 21:37:55 +0200 (CEST) From: Markus Holmberg <saska@acc.umu.se> To: jkh@FreeBSD.ORG Subject: ipfw startup script "bug" in 2.2.6-STABLE Message-ID: <Pine.LNX.3.96.980630213021.23800A-100000@hirohito.acc.umu.se>
next in thread | raw e-mail | index | archive | help
Heya.. I just wanted to notice that the below config in /etc/rc.conf will result in that the ipfw-rules are not loaded at startup since ipfw won't understand.. I tried manually "ipfw -q /etc/firewall.conf" and it results in that ipfw shows usage instead and doesn't load rules. firewall_type="/etc/firewall.conf" # Firewall type (see /etc/rc.firewall) firewall_quiet="YES" # Set to YES to suppress rule display The man page for ipfw doesn't say "ipfw -q filename" is a valid way of using it.. This could potentially result in that someone who wouldn't check their startupmsg could get either locked out (if denydefault) or an all open machine (if allowdefault).... This problem won't occur if firewall_quiet is set to "NO" (obviously since -q isn't involved in that case) OK, just wanted to note it, i'm no expert so i apologize for any ignorance or errors in this report.. Best Regards, Markus Holmberg. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.980630213021.23800A-100000>