From owner-freebsd-current@FreeBSD.ORG Sun Aug 19 09:48:04 2007 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C6FF916A418 for ; Sun, 19 Aug 2007 09:48:04 +0000 (UTC) (envelope-from jacob.hart@gmail.com) Received: from rv-out-0910.google.com (rv-out-0910.google.com [209.85.198.186]) by mx1.freebsd.org (Postfix) with ESMTP id 9E49D13C457 for ; Sun, 19 Aug 2007 09:48:04 +0000 (UTC) (envelope-from jacob.hart@gmail.com) Received: by rv-out-0910.google.com with SMTP id l15so743410rvb for ; Sun, 19 Aug 2007 02:48:04 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:mime-version:content-type:x-google-sender-auth; b=e+W2gKgMY9kw626rxKXVGhBaXyFGU7vEC6jZpQZr0wJlw94ML0ERVbehHSI51OguC/S+d2Xvum6UVaxTfQVjpul6AFTO6BgsqBnUC73KcQCuH3LZZ82gKQjCi+w42J5ZsGweiaiZyFqjI64eXYuNuz7Om9U4HjtH5lMi7sq3xoQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:x-google-sender-auth; b=SaSH/HLG2FcGRqETNG/IHWQLDZe7WSqMRpY5sCcJoKFW7mGn6U/S1jBHAFDmdipvD7KmGvmE2rAaikMIYG+osoSwms5dmwvenMVV/FUSu3htC1rGysHiZ+wIwTIfYYmhcMoZIkBsRoqjtEFFPnFI5rT7Qwe75Zrect5INT1//I8= Received: by 10.115.22.1 with SMTP id z1mr340358wai.1187516884295; Sun, 19 Aug 2007 02:48:04 -0700 (PDT) Received: by 10.114.150.11 with HTTP; Sun, 19 Aug 2007 02:48:04 -0700 (PDT) Message-ID: <139a3a1b0708190248w66b746f9w313600578334572@mail.gmail.com> Date: Sun, 19 Aug 2007 19:48:04 +1000 From: "Jacob Hart" Sender: jacob.hart@gmail.com To: freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_2730_32213699.1187516884264" X-Google-Sender-Auth: a22ff67fe54b99e0 Subject: Allow TCP/UDP services in /etc/rc.firewall X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Aug 2007 09:48:04 -0000 ------=_Part_2730_32213699.1187516884264 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Small patch that changes workstation profile in /etc/rc.firewall to allow UDP services. All ports without a protocol specifier are treated as TCP by default to keep backwards compatibility. For example, setting firewall_myservices="22 tcp:2000 udp:2001" in /etc/rc.conf creates ipfw rules for tcp ports 22,2000 and udp port 2001. -j ------=_Part_2730_32213699.1187516884264 Content-Type: text/x-patch; name="rc.firewall.diff" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rc.firewall.diff" X-Attachment-Id: f_f5jcuyo1 LS0tIC9ldGMvcmMuZmlyZXdhbGwub3JpZwkyMDA3LTA4LTE5IDE4OjAzOjQzLjAwMDAwMDAwMCAr MTAwMAorKysgL2V0Yy9yYy5maXJld2FsbAkyMDA3LTA4LTE5IDE5OjE4OjQyLjAwMDAwMDAwMCAr MTAwMApAQCAtMzQ5LDggKzM0OSwxMCBAQAogCSMKIAlmb3IgaSBpbiAke2ZpcmV3YWxsX2FsbG93 c2VydmljZXN9IDsgZG8KIAkgIGZvciBqIGluICR7ZmlyZXdhbGxfbXlzZXJ2aWNlc30gOyBkbwot CSAgICAke2Z3Y21kfSBhZGQgcGFzcyB0Y3AgZnJvbSAkaSB0byBtZSAkagotCSAgZG9uZQorICAg ICAgICAgICAgcHJvdG89YChlY2hvICRqIHwgYXdrICcvOi8ge3NwbGl0KCQwLGEsIjoiKTsgcHJp bnQgYVsxXX0nKWAKKyAgICAgICAgICAgIHBvcnQ9YChlY2hvICRqIHwgc2VkIC1lICdzLy4qOi8v MScpYAorICAgICAgICAgICAgJHtmd2NtZH0gYWRkIHBhc3MgJHtwcm90bzotdGNwfSBmcm9tICRp IHRvIG1lICR7cG9ydH0KKyAgICAgICAgICBkb25lCiAJZG9uZQogCiAJIyBBbGxvdyBhbGwgY29u bmVjdGlvbnMgZnJvbSB0cnVzdGVkIElQcy4K ------=_Part_2730_32213699.1187516884264--