Date: Sat, 18 Feb 2006 20:21:29 -0600 From: Vulpes Velox <v.velox@vvelox.net> Cc: freebsd-current@freebsd.org Subject: Re: Changes to IPFW start up scripts. [updated[ Message-ID: <20060218202129.60ce8f9c@vixen42.vulpes> In-Reply-To: <20060218170647.497340e7@vixen42.vulpes> References: <20060218170647.497340e7@vixen42.vulpes>
next in thread | previous in thread | raw e-mail | index | archive | help
--MP_v7rffujN8zALWD2cuj8YW0=
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On Sat, 18 Feb 2006 17:06:47 -0600
Vulpes Velox <v.velox@vvelox.net> wrote:
> This adds in the ability to run /etc/rc.d/ipfw save
> or /etc/rc.d/ip6fw save. This saves it to /etc/rc.firewall.save
> or /etc/rc.firewall6.save. By setting the firewall type to LAST it
> the last save will be used.
I have updated them to save to /var/db/ipfw/ as suggested by Sean
Chittenden.
I also fixed the problem with the loopback stuff getting added more
than once.
It will now accept names for the files. ipfw start dog will
use /var/db/ipfw/dog. This applies to save as well.
--MP_v7rffujN8zALWD2cuj8YW0=
Content-Type: text/x-patch; name=rc.d_ip6fw.patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=rc.d_ip6fw.patch
17a18,27
> extra_commands="save"
> save_cmd="ipfw_save"
>
> # Gets the name of the save to use.
> if [ ! -z $2 ]; then
> savename="$2"
> usingsave="yes"
> else
> savename="last"
> fi
31a42,48
> ipfw_save()
> {
> # Saves the firewall rules to /var/db/ipfw/$savename
> [ ! -d /var/db/ipfw ] && mkdir /var/db/ipfw && chmod go-rwx /var/db/ipfw
> ipfw list | awk '{print "${fwcmd} add " $0 }' > /var/db/ipfw/$savename.6
> }
>
33a51,58
> # Make sure the save file exists if one is specified.
> if [ ! -z $usingsave ]; then
> if [ ! -f "/var/db/ipfw/$savename.6" ]; then
> echo "Specified save does not exist"
> exit 1
> fi
> fi
>
42c67
< . "${ipv6_firewall_script}"
---
> . "${ipv6_firewall_script}" $savename
--MP_v7rffujN8zALWD2cuj8YW0=
Content-Type: text/x-patch; name=rc.d_ipfw.patch
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename=rc.d_ipfw.patch
18a19,29
> extra_commands="save"
> save_cmd="ipfw_save"
>
>
> #gets the name of the save to use
> if [ ! -z $2 ]; then
> savename="$2"
> usingsave="yes"
> else
> savename="last"
> fi
31a43,49
> ipfw_save()
> {
> # Saves the firewall rules to /var/db/ipfw/$savename
> [ ! -d /var/db/ipfw ] && mkdir /var/db/ipfw && chmod go-rwx /var/db/ipfw
> ipfw list | awk '{print "${fwcmd} add " $0 }' > /var/db/ipfw/$savename
> }
>
33a52,59
> # Make sure the save file exists if one is specified
> if [ ! -z $usingsave ]; then
> if [ ! -f "/var/db/ipfw/$savename" ]; then
> echo "Specified save does not exist"
> exit 1
> fi
> fi
>
38c64
< . "${firewall_script}"
---
> . "${firewall_script}" $savename
--MP_v7rffujN8zALWD2cuj8YW0=
Content-Type: application/octet-stream; name=rc.firewall
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=rc.firewall
LS0tIC91c3Ivc3JjL2V0Yy9yYy5maXJld2FsbAlTdW4gTm92ICAyIDA3OjMxOjQ0IDIwMDMKKysr
IC9ldGMvcmMuZmlyZXdhbGwJU3VuIEZlYiAxOSAwOTowODo1MiAyMDA2CkBAIC0xNDMsNiArMTQz
LDE3IEBACiAJc2V0dXBfbG9vcGJhY2sKIAkke2Z3Y21kfSBhZGQgNjUwMDAgcGFzcyBhbGwgZnJv
bSBhbnkgdG8gYW55CiAJOzsKKwkKK1tMbF1bQWFdW1NzXVtUdF0pCisJIyBHZXRzIHRoZSBuYW1l
IG9mIHRoZSBzYXZlIHRvIHVzZS4KKwlpZiBbICEgLXogJDEgXTsgdGhlbgorCQlzYXZlbmFtZT0i
JDEiCisJZWxzZQorCQlzYXZlbmFtZT0ibGFzdCIKKwlmaQorCQorCS4gL3Zhci9kYi9pcGZ3LyRz
YXZlbmFtZQorCTs7CiAKIFtDY11bTGxdW0lpXVtFZV1bTm5dW1R0XSkKIAkjIyMjIyMjIyMjIyMK
--MP_v7rffujN8zALWD2cuj8YW0=
Content-Type: application/octet-stream; name=rc.firewall6
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=rc.firewall6
LS0tIC91c3Ivc3JjL2V0Yy9yYy5maXJld2FsbDYJU3VuIERlYyAgNCAwODo0ODowNSAyMDA1Cisr
KyAvZXRjL3JjLmZpcmV3YWxsNglTdW4gRmViIDE5IDA5OjEzOjIwIDIwMDYKQEAgLTEwNSw2ICsx
MDUsMTcgQEAKIAkke2Z3NmNtZH0gYWRkIDY1MDAwIHBhc3MgYWxsIGZyb20gYW55IHRvIGFueQog
CTs7CiAKK1tMbF1bQWFdW1NzXVtUdF0pCisgICAgICAgICMgR2V0cyB0aGUgbmFtZSBvZiB0aGUg
c2F2ZSB0byB1c2UuCisJaWYgWyAhIC16ICQxIF07IHRoZW4KKwkJc2F2ZW5hbWU9IiQxIgorCWVs
c2UKKwkJc2F2ZW5hbWU9Imxhc3QiCisJZmkKKworCS4gL3Zhci9kYi9pcGZ3LyRzYXZlbmFtZS42
CisJOzsKKwogW0NjXVtMbF1bSWldW0VlXVtObl1bVHRdKQogCSMjIyMjIyMjIyMjIwogCSMgVGhp
cyBpcyBhIHByb3RvdHlwZSBzZXR1cCB0aGF0IHdpbGwgcHJvdGVjdCB5b3VyIHN5c3RlbSBzb21l
d2hhdAo=
--MP_v7rffujN8zALWD2cuj8YW0=--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060218202129.60ce8f9c>