Date: Fri, 27 Feb 2009 13:13:53 -0500
From: Steve Bertrand <steve@ibctech.ca>
To: freebsd-ipfw@freebsd.org
Subject: Saving runtime created rules
Message-ID: <49A82D61.4060509@ibctech.ca>
I am frequently adding/changing/deleting IPFW rules on my FBSD powered Quagga edge routers, and often neglect to update the start up script.

Fearing the disaster that would result if one of my routers reboots without a saved IPFW config, I went about creating a method to save runtime lists to be used at startup. I thought I'd share my experience.

First, I deleted all of the actual rules from my startup sh script (/etc/ipfw.rules). I left all script variables and tables in this file. I then added ". /etc/ipfw.include" to the bottom of the script. Then:

# ipfw list | \
# perl -nle 's/table\((\d+)\)/\"table($1)"/g; print "\$cmd $_";' \
# > /etc/ipfw.include
# chown root:wheel /etc/ipfw.include && chmod 400 /etc/ipfw.include

Now any time that I run that command pipeline, all rules are saved in the include file.

This could be cronned, but I'm hesitant to go that far at this point, because there is no syntax checking at all.

Cheers!

Steve
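The message ends on the missing syntax check. The following sketch is an added example, not part of the original e-mail: it runs each listed rule through ipfw's -n (syntax check only) flag and replaces the include file atomically, so a failed or empty listing never overwrites the last good copy. The IPFW variable and the function names are hypothetical, and it assumes $cmd in /etc/ipfw.rules expands to an "ipfw ... add" command.

```shell
#!/bin/sh
# Added example (not from the original message). Assumptions: $cmd in
# /etc/ipfw.rules is an "ipfw ... add" command; IPFW and the function
# names below are hypothetical.
# Usage, as root: save_rules /etc/ipfw.include
IPFW=${IPFW:-ipfw}

# Convert `ipfw list` output (stdin) to include-file lines (stdout).
rules_to_include() {
    # Drop the built-in default rule 65535 (it cannot be re-added),
    # quote table(N) so sh does not parse the parentheses, prefix $cmd.
    sed -e '/^65535 /d' \
        -e 's/table(\([0-9][0-9]*\))/"table(\1)"/g' \
        -e 's/^/$cmd /'
}

# Syntax-check each rule on stdin with `ipfw -n add`; stop at the first bad one.
check_rules() {
    set -f                      # rule text must not be glob-expanded
    while IFS= read -r rule; do
        # $rule is deliberately unquoted: ipfw needs one word per argument.
        if ! $IPFW -n add $rule </dev/null >/dev/null 2>&1; then
            echo "rejected: $rule" >&2
            set +f
            return 1
        fi
    done
    set +f
}

# save_rules DEST: list, validate, then atomically replace DEST.
save_rules() {
    dest=$1
    rules=$($IPFW list) || return 1
    [ -n "$rules" ] || { echo "empty rule list, keeping $dest" >&2; return 1; }
    printf '%s\n' "$rules" | check_rules || return 1
    # Temp file in the same directory so mv is a rename, created mode 0600.
    tmp=$(umask 077; mktemp "$dest.XXXXXX") || return 1
    printf '%s\n' "$rules" | rules_to_include > "$tmp" &&
        chmod 400 "$tmp" &&
        mv -f "$tmp" "$dest" || { rm -f "$tmp"; return 1; }
}
```

Because the existing include file is only replaced after every rule passes, a cron job calling save_rules leaves the previous copy in place whenever the listing is empty or a rule is rejected.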