From owner-freebsd-newbies@FreeBSD.ORG  Wed Dec 22 16:40:52 2004
Return-Path: <owner-freebsd-newbies@FreeBSD.ORG>
Delivered-To: freebsd-newbies@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4E3AA16A4CE
	for <freebsd-newbies@FreeBSD.org>;
	Wed, 22 Dec 2004 16:40:52 +0000 (GMT)
Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.197])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DF97F43D39
	for <freebsd-newbies@FreeBSD.org>;
	Wed, 22 Dec 2004 16:40:51 +0000 (GMT)
	(envelope-from surricani@gmail.com)
Received: by wproxy.gmail.com with SMTP id 55so83wri
	for <freebsd-newbies@FreeBSD.org>;
	Wed, 22 Dec 2004 08:40:48 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=beta; d=gmail.com;
	h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding;
	b=oy0+XqpRxONYMeuYrH9Ez2WdDv4jUCy+CD9J+RXtAiQlKyvA4YBIqN/6hjwe/o39V5u2bcdBIJcsxakIm/Uskr/E9xv63Q09tV0KUfH3MbwyZfcvP7YAofI1UOj138lREkDOI/vUE1zWL4mlY3xSyDLgFL7Ox9nF+otBwTBRMQQ=
Received: by 10.54.45.71 with SMTP id s71mr8995wrs;
        Wed, 22 Dec 2004 08:40:48 -0800 (PST)
Received: by 10.54.2.66 with HTTP; Wed, 22 Dec 2004 08:40:48 -0800 (PST)
Message-ID: <4591fd91041222084071ae57b4@mail.gmail.com>
Date: Wed, 22 Dec 2004 17:40:48 +0100
From: "Dott. Surricani" <surricani@gmail.com>
To: freebsd-newbies@FreeBSD.org
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Problem with IPFILTER
X-BeenThere: freebsd-newbies@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
Reply-To: "Dott. Surricani" <surricani@gmail.com>
List-Id: Gathering place for new users <freebsd-newbies.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-newbies>,
	<mailto:freebsd-newbies-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-newbies>
List-Post: <mailto:freebsd-newbies@freebsd.org>
List-Help: <mailto:freebsd-newbies-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-newbies>,
	<mailto:freebsd-newbies-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Dec 2004 16:40:52 -0000

Hello everybody.

I've succesfully set up an Inclusive Firewall for my small Lan, how
explained in Chapter 24 of the Handbook,
with IPFILTER and ipnat (Either with kld modules).
I've included in rc.conf the lines neeeded and i've written custom
ipf.rules and ipnat.rules...

It's super, and work great, but I've got a problem/question:

each time I restart the server the rules are cleared and It leave all
packets enter and exit
an I have to type in the shell

ipf -Fa -f /etc/ipf.rules and
ipnat -CF -f /etc/ipnat.rules

It's very boring....

What I can do to automate this task?


Thanks all very much!!!!