Date: Wed, 04 May 2011 00:43:09 +0900 From: KIRIYAMA Kazuhiko <kiri@pis.elm.toba-cmt.ac.jp> To: freebsd-stable@freebsd.org Subject: /etc/rc.d/ipfw can't deal with firewall_type? Message-ID: <201105031543.p43Fh92T041708@pis.elm.toba-cmt.ac.jp> In-Reply-To: <BANLkTik8cAOt1iAP1tOu0EVrRL07uHA8Ng@mail.gmail.com> References: <BANLkTik8cAOt1iAP1tOu0EVrRL07uHA8Ng@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all,
Recently I upgraded to 8.2-STABLE and reconfigured natd + jailed box, but
all packets could not over nat box. I've researched and found
/etc/rc.firewall does not recieve argument of firewall_type. So ipfw does
not divert and natd could not be performed. The reason is /etc/rc.d/ipfw
incorrect. I think an patch below should be applyed to /etc/rc.d/ipfw. Is
there any problem to do this?
--- /etc/rc.d/ipfw.org 2011-05-03 18:19:28.000000000 +0900
+++ /etc/rc.d/ipfw 2011-05-03 22:08:14.000000000 +0900
@@ -35,15 +35,11 @@
ipfw_start()
{
- local _firewall_type
-
- _firewall_type=$1
-
# set the firewall rules script if none was specified
[ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall
if [ -r "${firewall_script}" ]; then
- /bin/sh "${firewall_script}" "${_firewall_type}"
+ /bin/sh "${firewall_script}" "${firewall_type}"
echo 'Firewall rules loaded.'
elif [ "`ipfw list 65535`" = "65535 deny ip from any to any" ]; then
echo 'Warning: kernel has firewall functionality, but' \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201105031543.p43Fh92T041708>