From owner-freebsd-questions Tue Oct 15 11:33:33 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7EA0337B401 for ; Tue, 15 Oct 2002 11:33:32 -0700 (PDT) Received: from sage-one.net (adsl-65-71-135-137.dsl.crchtx.swbell.net [65.71.135.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACB4243EA3 for ; Tue, 15 Oct 2002 11:33:29 -0700 (PDT) (envelope-from jackstone@sage-one.net) Received: from sagea (sagea [192.168.0.3]) by sage-one.net (8.11.6/8.11.6) with SMTP id g9FIWef38364; Tue, 15 Oct 2002 13:32:56 -0500 (CDT) (envelope-from jackstone@sage-one.net) Message-Id: <3.0.5.32.20021015133239.0136e5e8@mail.sage-one.net> X-Sender: jackstone@mail.sage-one.net X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Tue, 15 Oct 2002 13:32:39 -0500 To: budsz From: "Jack L. Stone" Subject: Re: About rc.firewall Cc: FreeBSD-Questions In-Reply-To: <20021015173223.GA2352@kumprang.or.id> References: <3.0.5.32.20021015103018.0136e5e8@mail.sage-one.net> <200210151023430685.13684C4D@home.24cl.com> <20021015135723.GA1427@kumprang.or.id> <200210151023430685.13684C4D@home.24cl.com> <3.0.5.32.20021015103018.0136e5e8@mail.sage-one.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 12:32 AM 10.16.2002 +0700, budsz wrote: >On Tue, Oct 15, 2002 at 10:30:18AM -0500, Jack L. Stone wrote: >>Designating the type "open" will make your system set up wide open and can >>be useful when debugging the rc.firewall script and the kernel has been >>compiled to "deny all". If you want to the rc.firewall to load and bee >>effective though, you must modify it for your own use, incuding the proper >>designations of interfaces, ports, and rules. > >Sorry, I mean is: >What is the relation between firewall_type in /etc/rc.conf and the same >statement; firewall_type in rc.firewall? Is it enough if i only define >the firewall_type just once; In rc.firewall only? > >-- >budsz > No, you just need to set "type" in rc.conf. If you look closely at rc.firewall, it reads your rc.conf file to check the settings. Leave the type alone in rc.firewall. Hope this clarifies.... Best regards, Jack L. Stone, Administrator SageOne Net http://www.sage-one.net jackstone@sage-one.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message