From owner-cvs-all Tue Oct 23 10:50: 1 2001 Delivered-To: cvs-all@freebsd.org Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by hub.freebsd.org (Postfix) with SMTP id C4D8237B407 for ; Tue, 23 Oct 2001 10:49:55 -0700 (PDT) Received: (qmail 4571 invoked by uid 0); 23 Oct 2001 17:49:53 -0000 Received: from pd9508839.dip.t-dialin.net (HELO mail.gsinet.sittig.org) (217.80.136.57) by mail.gmx.net (mp004-rz3) with SMTP; 23 Oct 2001 17:49:53 -0000 Received: (qmail 9970 invoked from network); 23 Oct 2001 17:45:20 -0000 Received: from shell.gsinet.sittig.org (192.168.11.153) by mail.gsinet.sittig.org with SMTP; 23 Oct 2001 17:45:20 -0000 Received: (from sittig@localhost) by shell.gsinet.sittig.org (8.11.3/8.11.3) id f9NHjBS09957; Tue, 23 Oct 2001 19:45:11 +0200 (CEST) (envelope-from sittig) Date: Tue, 23 Oct 2001 19:45:11 +0200 From: Gerhard Sittig To: Darren Reed Cc: cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.network Message-ID: <20011023194511.D97313@shell.gsinet.sittig.org> References: <20011023012512.A1596@hades.hell.gr> <58940.1003834403@axl.seasidesoftware.co.za> <20011023145506.C20345@hades.hell.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011023145506.C20345@hades.hell.gr>; from charon@labs.gr on Tue, Oct 23, 2001 at 02:55:06PM +0300 Organization: System Defenestrators Inc. Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Oct 23, 2001 at 14:55 +0300, Giorgos Keramidas wrote: > On Tue, Oct 23, 2001 at 12:53:23PM +0200, Sheldon Hearn wrote: > > On Tue, 23 Oct 2001 01:25:12 +0300, Giorgos Keramidas wrote: > > > With ipfilter_program set to "/sbin/ipf -Fa -f" (as rc.conf(5) says) > > > in /etc/defaults/rc.conf, this change breaks rc.network in the part > > > that calls `ipf -y'. The code calls: > > > > foo_program should never include flags. > > Yes, that's what I think too, but I'd hate to step on Darren's toes, > if he has these set like that for a purpose. I get the feeling this - inappropriate - setting of a _program variable is due to my misguided suggestion in PR conf/20202 which verbatimly made it into the FreeBSD start scripts. If it doesn't fit the usual rules feel free to correct it! :) After all I was a newbee to FreeBSD then (and still I'm not a guru or seasoned hacker:) as well as I understand Darren to do his daytime job with SunOS / Solaris and since he might need some hints on how his software fits even better into FreeBSD. I guess he will happily accept patches improving a wrong approach. Maybe there's need for the following parts: - ipfilter_program - ipfilter_prerules_flags - ipfilter_rules - ipfilter_postrules_flags ? The current situation comes from the fact that I wanted to have a single variable with the rules file only - to check for its existance (if such an additional constraints check matters). > After I posted my diff, > I saw Arjan de Vet had posted a patch that makes ipfilter_program work > with a value of "/sbin/ipf". Let's go for Arjan's changes instead. If there's already a correcting / much improving patch maybe it should be in the PR database? Darren Reed apparently works on FreeBSD tasks in bursts and might appreciate a PR with its better record / specific assignment more than a rushing by article buried in the high volume of a mailing list ... virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message