Date: Wed, 19 Jun 2019 16:09:56 +0000 From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 238694] Configuring & using a customized IPFW rule set now causes additional rles to be (involuntarily) added Message-ID: <bug-238694-8303-rr4DhnEY0V@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-238694-8303@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238694 Rodney W. Grimes <rgrimes@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rgrimes@FreeBSD.org Keywords| |regression --- Comment #1 from Rodney W. Grimes <rgrimes@FreeBSD.org> --- I concur that this is in fact a bug in the /etc/rc.firewall script. It is NOT a bug in the documentation. The documentation is correct, the behavior of the script is wrong. I suggest that the "mandatory" stuff that is always done is simply wrong to be always done, if in fact a file type script is being invoked I may very much want those "mandatory" rules in a different place and shall be allowed to do so. Further this is a change in past behavior causing a POLA violation. Had I been using firewall_type rather than firewall_script to point to my custom firewall this would of bit me too, and in not very pleasant ways. Besides, they are not actually mandatory from anything I can even remotely imagine. Technically you should even be able to remove lo0, but *sigh* that has also degerated over the years, as has hard coded 127.0.0.1 and ::1, which is a royal PITA for some. -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-238694-8303-rr4DhnEY0V>