From owner-freebsd-stable Mon Oct 13 17:44:45 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id RAA06963 for stable-outgoing; Mon, 13 Oct 1997 17:44:45 -0700 (PDT) (envelope-from owner-freebsd-stable) Received: from mail.san.rr.com (mail-atm.san.rr.com [204.210.0.1]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id RAA06954 for ; Mon, 13 Oct 1997 17:44:30 -0700 (PDT) (envelope-from Studded@dal.net) Received: from dt5h1n61.san.rr.com (dt5h1n61.san.rr.com [204.210.31.97]) by mail.san.rr.com (8.8.7/8.8.7) with SMTP id RAA27934 for ; Mon, 13 Oct 1997 17:43:39 -0700 (PDT) Message-Id: <199710140043.RAA27934@mail.san.rr.com> From: "Studded" To: "freebsd-stable@freebsd.org" Date: Mon, 13 Oct 97 17:43:34 -0700 Reply-To: "Studded" Priority: Normal X-Mailer: PMMail 1.92 For OS/2 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Problem with rc.conf/rc.firewall Sender: owner-freebsd-stable@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Using 2.2.5-971012-BETA I upgraded my system with the tried and true make world + fold in /etc changes method. It completed without errors (after I removed the -j 2 from make *grumble*) and then I made the kernel from the same kernel config file I used with the 2.2-970901-STABLE sources previously that included ipfw. I set the firewall option to YES in rc.conf, and set the type to OPEN. A gold star to anyone who has already spotted the problem, the rc.firewall script expects "${firewall_type}" = "open", not OPEN, and it bombed out. IMO putting the firewall_type option rc.conf is a big mistake. It loses big in functionality what little it makes up for in convenience, especially when I'm 600 miles from the machine. In order of importance, suggestion number one is to return the firewall_type option to rc.firewall, include firewall_quiet, and put a note below firewall_enable saying that there are options to set in rc.firewall if you enable it. This will reduce the likelihood of an error like mine, and has the added advantage of removing two little-used options from an already crowded rc.conf. Suggestion number two is to make the type open BY DEFAULT, and let the person change it if need be. There is really no reason to set up stumbling blocks that people don't need if they can be so easily avoided. Third, it would be nice if the script (and the rc scripts in general) were made case insensitive, either by some sh trick, or some OR statements. Finally a warning in rc.conf that the options are case sensitive would be a plus. I can produce diffs and send this as a PR if requested, but it is only a few lines in each place. Thanks, Doug *** Proud operator, designer and maintainer of the world's largest *** Internet Relay Chat server. 4,168 clients and still growing. :-) *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD)