Basic problem is that I sometimes make mistakes that are obvious
in retrospect. :-} So I tend to hack the firewall script with
which I start to add at "-t" flag, which prefixes each command
with "echo". That way, when it's run with "-t", I can see
what ipfw (or ip6fw) commands will be executed.
Basically, I thought that this might be useful to others. And
yeah, I got tired of hacking it in myself each time. :-}
If all else fails, consider it a teaching aid. :-)
Fix: Here you go. I haven't actually used the rc.firewall6, but
after hacking it, I did verify that I could make it spit
out commands (and that they even looked plausible).
Oh -- sorry; I don't have immediate access to a powered-on
-CURRENT box right now. The below ought to work just fine in
And my feelings won't be hurt if you use a different way to
cause the "test" invocation. "-t" just seemed mnemonic to me.
Season to taste; serve when done well.
Over to maintainer(s).
I think that this could be useful. Instead though I've made it just
depend on the value of $firewall_test; for example that could go into
rc.conf. Would you still like to see this go in?
For bugs that match the following
- Status Is In progress
- Untouched since 2018-01-01.
- Affects Base System OR Documentation
Reset to open status.
I did a quick pass but if you are getting this email it might be worthwhile to double check to see if this bug ought to be closed.