Attachment 92815 Details for Bug 130555 – file.diff

[patch] file.diff

file.diff (text/plain), 1.26 KB, created by G. Paul Ziemba on 2009-01-14 18:30:01 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: G. Paul Ziemba

Created: 2009-01-14 18:30:01 UTC

Size: 1.26 KB

patch

obsolete

>diff -ruN etc.orig/defaults/rc.conf etc.new/defaults/rc.conf
>--- etc.orig/defaults/rc.conf	2008-11-12 08:27:20.000000000 -0800
>+++ etc.new/defaults/rc.conf	2009-01-14 09:46:23.000000000 -0800
>@@ -152,6 +152,7 @@
> ipfilter_rules="/etc/ipf.rules"	# rules definition file for ipfilter, see
> 				# /usr/src/contrib/ipfilter/rules for examples
> ipfilter_flags=""		# additional flags for ipfilter
>+ipfilter_variables=""		# <optionlist> for -T, see ipf(8)
> ipnat_enable="NO"		# Set to YES to enable ipnat functionality
> ipnat_program="/sbin/ipnat"	# where the ipnat program lives
> ipnat_rules="/etc/ipnat.rules"	# rules definition file for ipnat
>diff -ruN etc.orig/rc.d/ipfilter etc.new/rc.d/ipfilter
>--- etc.orig/rc.d/ipfilter	2008-01-27 23:55:44.000000000 -0800
>+++ etc.new/rc.d/ipfilter	2009-01-14 09:43:34.000000000 -0800
>@@ -30,6 +30,14 @@
> ipfilter_start()
> {
> 	echo "Enabling ipfilter."
>+	if [ ! -z "${ipfilter_variables}" ]; then
>+		# Can set ipfilter variables only when it is disabled,
>+		# which flushes filter and nat rules
>+		if [ `sysctl -n net.inet.ipf.fr_running` -gt 0 ]; then
>+			${ipfilter_program:-/sbin/ipf} -D
>+		fi
>+		${ipfilter_program:-/sbin/ipf} -T "${ipfilter_variables}"
>+	fi
> 	if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then
> 		${ipfilter_program:-/sbin/ipf} -E
> 	fi

Actions: View | Diff

Attachments on bug 130555: 92815