Date: Sun, 8 Dec 2002 19:11:25 +0100 (CET) From: Michael Lyngbøl <lyngbol@bifrost.lyngbol.dk> To: FreeBSD-gnats-submit@FreeBSD.org Subject: conf/46103: /etc/rc.d/ipfilter; ipfilter_start() need to enable ipfilter Message-ID: <200212081811.gB8IBPOd009346@bifrost.lyngbol.dk>
next in thread | raw e-mail | index | archive | help
>Number: 46103
>Category: conf
>Synopsis: /etc/rc.d/ipfilter; ipfilter_start() need to enable ipfilter
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Dec 08 10:20:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Michael Lyngbøl
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD bifrost 5.0-CURRENT FreeBSD 5.0-CURRENT #4: Fri Dec 6 23:56:04 CET 2002 lyngbol@bifrost:/usr/src/sys/i386/compile/BIFROST i386
>Description:
/etc/rc.d/ipfilter need to enable ipfilter in ipfilter_start().
Elseway a `/etc/rc.d/ipfilter restart' will disable ipfilter but not enable it again.
/etc/rc.d/ipfilter does work on boot as a kernel compiled with 'options IPFILTER' enables ipfilter.
>How-To-Repeat:
Run `/etc/rc.d/ipfilter restart' or do `/etc/rc.d/ipfilter stop' and `/etc/rc.d/ipfilter start'
>Fix:
--- /tmp/ipfilter Sat Dec 7 00:13:53 2002
+++ /etc/rc.d/ipfilter Sat Dec 7 00:14:33 2002
@@ -79,7 +79,7 @@
echo "Enabling ipfilter."
case ${OSTYPE} in
FreeBSD)
- ${ipfilter_program:-/sbin/ipf} -Fa
+ ${ipfilter_program:-/sbin/ipf} -E -Fa
if [ -r "${ipfilter_rules}" ]; then
${ipfilter_program:-/sbin/ipf} \
-f "${ipfilter_rules}" ${ipfilter_flags}
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200212081811.gB8IBPOd009346>