Date: Fri, 10 Apr 2020 13:35:30 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Cron config for ipfw table Message-ID: <CAHu1Y70E6h0-yNYJuf4my0eb%2Bfs33q2purpA5nbtJrWyKOjmFQ@mail.gmail.com> In-Reply-To: <44blnzta6s.fsf@be-well.ilk.org> References: <dba61fc0-ca97-d066-06f7-61273e80765b@cloudzeeland.nl> <44blnzta6s.fsf@be-well.ilk.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Apr 10, 2020 at 12:26 PM Lowell Gilbert < freebsd-questions-local@be-well.ilk.org> wrote: > Jos Chrispijn <bsduser@cloudzeeland.nl> writes: > > > I have added a line to my crontab that defines running a script on > reboot: > > > > @reboot bash /root/cronjobs/reboot.sh & > > > > This (bash) .sh script should add an updated ipfw table (preventing I > > have to run his action manually) but unfortunately no script is > > executed on reboot. > > > > - script is executable > > - no action is mentioned in /var/log/cron > > > > Can you tell me what I do wrong here? Perhaps scheduling this action > > _after_ reboot would be the solution? > > Is there any reason that you can't use the system's standard ipfw script > for that? > > I would suggest just putting the reference to loading tables in your ipfw script. I never use the default. in /etc/rc.conf: firewall_enable="YES" firewall_script="/etc/ipfw/rc.ipfw" in /etc/ipfw/rc.ipfw: ################################################################################ # load tables in background lockf -kst 30 /tmp/fw-wl.lck ipfw-table-update whitelist & lockf -kst 30 /tmp/fw-bl.lck ipfw-table-update blacklist & lockf -kst 30 /tmp/cp-bl.lck ipfw-table-update cloudips & ipfw-table-update <table> looks for .txt files in /etc/ipfw/<table> and creates and loads the table (it's a little more than that, since each table has an alternate to permit atomic table updates) components of the blacklist are updated several times an hour or several times a day. The script may be run manually, of course. -- "Well," Brahmā said, "even after ten thousand explanations, a fool is no wiser, but an intelligent person requires only two thousand five hundred." - The Mahābhārata
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y70E6h0-yNYJuf4my0eb%2Bfs33q2purpA5nbtJrWyKOjmFQ>