Date: Sun, 19 Aug 2007 19:48:04 +1000
From: "Jacob Hart" <jacob.hart+freebsd-current@gmail.com>
To: freebsd-current@freebsd.org
Subject: Allow TCP/UDP services in /etc/rc.firewall
Message-ID: <139a3a1b0708190248w66b746f9w313600578334572@mail.gmail.com>
[-- Attachment #1 --]
Small patch that changes workstation profile in /etc/rc.firewall to
allow UDP services. All ports without a protocol specifier are
treated as TCP by default to keep backwards compatibility.
For example, setting
firewall_myservices="22 tcp:2000 udp:2001"
in /etc/rc.conf creates ipfw rules for tcp ports 22,2000 and udp port 2001.
-j
[-- Attachment #2 --]
--- /etc/rc.firewall.orig 2007-08-19 18:03:43.000000000 +1000
+++ /etc/rc.firewall 2007-08-19 19:18:42.000000000 +1000
@@ -349,8 +349,10 @@
#
for i in ${firewall_allowservices} ; do
for j in ${firewall_myservices} ; do
- ${fwcmd} add pass tcp from $i to me $j
- done
+ proto=`(echo $j | awk '/:/ {split($0,a,":"); print a[1]}')`
+ port=`(echo $j | sed -e 's/.*://1')`
+ ${fwcmd} add pass ${proto:-tcp} from $i to me ${port}
+ done
done
# Allow all connections from trusted IPs.
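Review bot: the `proto`/`port` split on the added lines is never checked before it reaches `${fwcmd}`. An entry such as `udp:` leaves `${port}` empty, so the rule becomes `add pass udp from $i to me` with no port restriction, and whatever word precedes the colon is handed to ipfw as the protocol. Suggest accepting only `tcp` or `udp` for `proto`, requiring a non-empty numeric `port`, and skipping the entry with a warning otherwise. The split can also be done in the shell itself with `${j%%:*}` and `${j##*:}` rather than an awk and a sed pipeline per entry. The patch touches only /etc/rc.firewall, so the new `proto:port` syntax for firewall_myservices still needs describing wherever that variable is documented.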
