From owner-freebsd-bugs  Mon Apr  5 10:21:59 1999
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id CA0AC150CA
	for <freebsd-bugs@FreeBSD.org>; Mon,  5 Apr 1999 10:21:57 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.2/8.9.2) id KAA04233;
	Mon, 5 Apr 1999 10:20:01 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 7CC1215581; Mon,  5 Apr 1999 10:14:56 -0700 (PDT)
Message-Id: <19990405171456.7CC1215581@hub.freebsd.org>
Date: Mon,  5 Apr 1999 10:14:56 -0700 (PDT)
From: mvh@ix.netcom.com
To: freebsd-gnats-submit@freebsd.org
X-Send-Pr-Version: www-1.0
Subject: misc/10964: rc.firewall external file specification too limiting
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         10964
>Category:       misc
>Synopsis:       rc.firewall external file specification too limiting
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr  5 10:20:00 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator:     Mike Harding
>Release:        3.1 Stable
>Organization:
stamps.com
>Environment:
FreeBSD netcom1.netcom.com 3.1-STABLE FreeBSD 3.1-STABLE #0: Tue Mar 30 18:28:29 PST 1999     mvh@netcom1.netcom.com:/usr/src/sys/compile/MIKE  i386

>Description:
Current rc.firewall file allows a filename to be specified rather
than the 'built-in' types.  The specified file is passed to the
$IPFS command.  This does not allow simple shell substitutions in the
file and precludes pasting old modified rc.firewall contents in such
a file.
>How-To-Repeat:
Examine /etc/rc.firewall.

>Fix:
Execute the file, rather than running $fwcmd ${firewall_type}.  This
would allow any operation, not just filtering rules to the firewall,
and would be compatible with the rest of the rc.firewall file.


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message