Date: Tue, 14 Oct 1997 06:52:49 -0400 (EDT) From: hometeam@techpower.net To: Studded <Studded@dal.net> Cc: "freebsd-stable@freebsd.org" <freebsd-stable@FreeBSD.ORG> Subject: Re: Problem with rc.conf/rc.firewall Message-ID: <Pine.BSF.3.96.971014064407.29758A-100000@techpower.net> In-Reply-To: <199710140043.RAA27934@mail.san.rr.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I have allways put the option in rc.conf ,...Not firewall="YES"
firewall="open" simple or what ever.. you don't need to change anything in
rc.firewall other then your filters.
I didn't see much problem with it myself. I guess a info file
would be a plus . allthough most on here are will to help
and answers giving quickly.
why don't you write one....?<g>
On Mon, 13 Oct 1997, Studded wrote:
>
> Using 2.2.5-971012-BETA I upgraded my system with the tried and
> true make world + fold in /etc changes method. It completed without
> errors (after I removed the -j 2 from make *grumble*) and then I made
> the kernel from the same kernel config file I used with the
> 2.2-970901-STABLE sources previously that included ipfw. I set the
> firewall option to YES in rc.conf, and set the type to OPEN.
>
> A gold star to anyone who has already spotted the problem, the
> rc.firewall script expects "${firewall_type}" = "open", not OPEN, and
> it bombed out. IMO putting the firewall_type option rc.conf is a big
> mistake. It loses big in functionality what little it makes up for in
> convenience, especially when I'm 600 miles from the machine.
>
> In order of importance, suggestion number one is to return the
> firewall_type option to rc.firewall, include firewall_quiet, and put a
> note below firewall_enable saying that there are options to set in
> rc.firewall if you enable it. This will reduce the likelihood of an
> error like mine, and has the added advantage of removing two
> little-used options from an already crowded rc.conf. Suggestion number
> two is to make the type open BY DEFAULT, and let the person change it
> if need be. There is really no reason to set up stumbling blocks that
> people don't need if they can be so easily avoided. Third, it would be
> nice if the script (and the rc scripts in general) were made case
> insensitive, either by some sh trick, or some OR statements. Finally a
> warning in rc.conf that the options are case sensitive would be a plus.
>
>
> I can produce diffs and send this as a PR if requested, but it
> is only a few lines in each place.
>
> Thanks,
>
> Doug
>
> *** Proud operator, designer and maintainer of the world's largest
> *** Internet Relay Chat server. 4,168 clients and still growing. :-)
> *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD)
>
>
hometeam@techpower.net
--We cannot all be masters, nor all masters
Cannot be truly follow'd--
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
owEBqwBU/4kAlQMFADRCxNWhsddKSTR+6QEBelED/jzeC3btZfqSdIfrNoCgwUJJ
iNQ33UQoMyJ2ygkfl72xP5J79yml/F4P73GnNaDVbaMOmOG2NNAi5ElE73wRh54U
17kH+n5XnYeqekV8T2TG2Q6ex3UotXPyZ1vvrCrSxapOz6a4hh0GQeA55rcwLy2W
ROHwxfvaVsrX5iVOkRoerBFiC21lc3NhZ2UudHh0AAAAAA==
=jCvF
-----END PGP MESSAGE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971014064407.29758A-100000>