From owner-freebsd-bugs Mon Sep 14 11:10:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA15748 for freebsd-bugs-outgoing; Mon, 14 Sep 1998 11:10:09 -0700 (PDT) (envelope-from owner-freebsd-bugs@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA15670 for ; Mon, 14 Sep 1998 11:10:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id LAA01678; Mon, 14 Sep 1998 11:10:01 -0700 (PDT) Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA13842 for ; Mon, 14 Sep 1998 11:00:29 -0700 (PDT) (envelope-from cschuber@passer.osg.gov.bc.ca) Received: (from cschuber@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id LAA23827; Mon, 14 Sep 1998 11:00:09 -0700 (PDT) Message-Id: <199809141800.LAA23827@passer.osg.gov.bc.ca> Date: Mon, 14 Sep 1998 11:00:09 -0700 (PDT) From: Cy Schubert Reply-To: cschuber@uumail.gov.bc.ca To: FreeBSD-gnats-submit@FreeBSD.ORG X-Send-Pr-Version: 3.2 Subject: conf/7928: Patch to allow execution of an IPFW shell script Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 7928 >Category: conf >Synopsis: Patch to allow execution of an IPFW shell script >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Sep 14 11:10:00 PDT 1998 >Last-Modified: >Originator: Cy Schubert >Organization: ITSD, Province of BC, Canada >Release: FreeBSD 2.2.7-RELEASE i386 >Environment: FreeBSD passer.osg.gov.bc.ca 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE #0: Sat Aug 22 06:16:57 PDT 1998 root@passer.osg.gov.bc.ca:/opt/usr_src-227/src/sys/compile/PASSER i386 + CAM SCSI Patches >Description: rc.firewall can load a firewall from a file. This patch loads a firewall using a shell script. What this patch does is to determine whether the file being referenced is executable if it is, it assumes the file is a shell (or Perl) script. If it isn't, it assumes it is a regular file. This patch also fixes a bug to detect whether $firewall_type is a directory or a regular file. >How-To-Repeat: not relevant. >Fix: --- /etc/rc.firewall Tue Mar 24 17:56:48 1998 +++ /tmp/rc.firewall Mon Sep 14 10:58:29 1998 @@ -171,6 +171,8 @@ # Everything else is denied as default. -elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then +elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" -a -f "${firewall_type}" -a -x "${firewall_type}" ]; then + ${firewall_type} +elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" -a -f "${firewall_type}" ]; then $fwcmd ${firewall_type} fi >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message