Date: Sun, 8 Apr 2001 15:10:28 -0400 From: thomas r stromberg <l.ipfilter@rtci.com> To: Gert-Jan Vons <vons@iname.com> Cc: freebsd-stable@freebsd.org, ipfilter@coombs.anu.edu.au Subject: Broken rc.network for ipfilter w/ PR (was Re: How to install ipfilter..) Message-ID: <20010408151025.A34209@rtci.com> In-Reply-To: <5.1.0.12.2.20010407230631.00a688c0@mail.vons.local>; from vons@iname.com on Sun, Apr 08, 2001 at 11:13:58AM %2B0200 References: <5.1.0.12.2.20010407230631.00a688c0@mail.vons.local>
next in thread | previous in thread | raw e-mail | index | archive | help
> I added the four commands above to /etc/rc.network instead of using > FreeBSD's ipfilter support through rc.conf mechanism (it assumes that > ipfilter is built into the kernel) There is a PR with a patch sitting on this rc.network fuckup (oversight) that I'd really love to see committed for 4.3-RELEASE, but who knows if that's possible with the given timeline. http://www.freebsd.org/cgi/query-pr.cgi?pr=26275 I completely missed a previous PR on the same issue, but this one has a patch that will work no matter where $ipfilter_program is set to (hack), rather then hardcoding an ipfstat location. Patch also fixes it so that ipf.rules doesn't have to exist if your just setting up a NAT. This issue has been a pain in the ass when helping people setup ipnat.. so much so I actually recommend people to patch this on the bsdwiki entry: http://profile.sh/bsdwiki/index.php?Sharing%20your%20internet%20connection%20via%20ipnat -- : Thomas Stromberg work> tstromberg@rtci.com : : Research Triangle Commerce (ICC.net) home> thomas@stromberg.org : 'Every word is like an unnecessary stain on silence and nothingness' -- Beckett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010408151025.A34209>