Date: Mon, 26 Jun 2000 23:41:06 -0700 From: Doug Barton <DougB@gorean.org> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: security@FreeBSD.ORG Subject: Re: ipfilter hooks in rc.network Message-ID: <39584C82.988B2F1B@gorean.org> References: <20000626220852.M9883@speedy.gsinet>
next in thread | previous in thread | raw e-mail | index | archive | help
Gerhard Sittig wrote:
First, I'm not sure that -security is the right list for this, -current
or -hackers might be better. Second, while I support adding the ability
to more closely integrate ipfilter into the base, your patch's style is
drastically out of synch with the changes introduced recently. The
following is better style.
case ${ipfilter_enable} in
[Yy][Ee][Ss])
if [ -r "${ipfilter_rules}" ]; then
echo -n ' ipfilter'
ipf -Fa -f ${ipfilter_rules}
fi
case ${ipmon_flags} in
[Nn][Oo] | '')
;;
*)
echo -n ' ipmon'
ipmon ${ipmon_flags}
;;
esac
case ${ipnat} in
[Yy][Ee][Ss])
if [ -r "${ipnat_rules}" ]; then
echo -n ' ipnat'
ipnat -CF -f ${ipnat_rules}
else
echo -n ' ipnat enabled but no rules!'
fi
;;
esac
;;
esac
If you need any help with this, just let me know.
Doug
--
"Live free or die"
- State motto of my ancestral homeland, New Hampshire
Do YOU Yahoo!?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39584C82.988B2F1B>