Message-Id: <201105031543.p43Fh92T041708@pis.elm.toba-cmt.ac.jp>
Date: Wed, 04 May 2011 00:43:09 +0900
From: KIRIYAMA Kazuhiko
To: freebsd-stable@freebsd.org
Subject: /etc/rc.d/ipfw can't deal with firewall_type?

Hi all,

Recently I upgraded to 8.2-STABLE and reconfigured natd + jailed box, but no packets could get through the NAT box. I've researched and found that /etc/rc.firewall does not receive the firewall_type argument. So ipfw does not divert and natd could not be performed. The reason is that /etc/rc.d/ipfw is incorrect. I think the patch below should be applied to /etc/rc.d/ipfw. Is there any problem with doing this?

--- /etc/rc.d/ipfw.org 2011-05-03 18:19:28.000000000 +0900 +++ /etc/rc.d/ipfw 2011-05-03 22:08:14.000000000 +0900 @@ -35,15 +35,11 @@ ipfw_start() { - local _firewall_type - - _firewall_type=$1 - # set the firewall rules script if none was specified [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall if [ -r "${firewall_script}" ]; then - /bin/sh "${firewall_script}" "${_firewall_type}" + /bin/sh "${firewall_script}" "${firewall_type}" echo 'Firewall rules loaded.' elif [ "`ipfw list 65535`" = "65535 deny ip from any to any" ]; then echo 'Warning: kernel has firewall functionality, but' \
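
Review bot: At the top of ipfw_start(), deleting `_firewall_type=$1` means a type handed to the function as an argument is now ignored without any message, so any caller that still passes one loses its override. Consider keeping the local and giving it a default instead, for example `_firewall_type=${1:-${firewall_type}}`, and leaving the `/bin/sh "${firewall_script}" "${_firewall_type}"` line unchanged. With either form the script still receives an empty first argument when the variable is unset, so it would help to state in the change description what `${firewall_script}` is expected to do in that case, since the "Firewall rules loaded." message is printed regardless of which rule set was selected.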