FreeBSD Bugzilla – Attachment 92815 Details for
Bug 130555
[ipfilter] [rc.d] [patch] No good way to set ipfilter variables at boot time
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 1.26 KB, created by
G. Paul Ziemba
on 2009-01-14 18:30:01 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
G. Paul Ziemba
Created:
2009-01-14 18:30:01 UTC
Size:
1.26 KB
patch
obsolete
>diff -ruN etc.orig/defaults/rc.conf etc.new/defaults/rc.conf >--- etc.orig/defaults/rc.conf 2008-11-12 08:27:20.000000000 -0800 >+++ etc.new/defaults/rc.conf 2009-01-14 09:46:23.000000000 -0800 >@@ -152,6 +152,7 @@ > ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see > # /usr/src/contrib/ipfilter/rules for examples > ipfilter_flags="" # additional flags for ipfilter >+ipfilter_variables="" # <optionlist> for -T, see ipf(8) > ipnat_enable="NO" # Set to YES to enable ipnat functionality > ipnat_program="/sbin/ipnat" # where the ipnat program lives > ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat >diff -ruN etc.orig/rc.d/ipfilter etc.new/rc.d/ipfilter >--- etc.orig/rc.d/ipfilter 2008-01-27 23:55:44.000000000 -0800 >+++ etc.new/rc.d/ipfilter 2009-01-14 09:43:34.000000000 -0800 >@@ -30,6 +30,14 @@ > ipfilter_start() > { > echo "Enabling ipfilter." >+ if [ ! -z "${ipfilter_variables}" ]; then >+ # Can set ipfilter variables only when it is disabled, >+ # which flushes filter and nat rules >+ if [ `sysctl -n net.inet.ipf.fr_running` -gt 0 ]; then >+ ${ipfilter_program:-/sbin/ipf} -D >+ fi >+ ${ipfilter_program:-/sbin/ipf} -T "${ipfilter_variables}" >+ fi > if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then > ${ipfilter_program:-/sbin/ipf} -E > fi
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 130555
: 92815