Re: where am I supposed to put my rc.firewall?
From: Peder Blom (dion_at_bredband.net)
Date: 01/31/04
- Previous message: Daniel Butler: "Re: FreeBSD 4.x or 5.x doesn't find hard drives to install to! [SATA]"
- In reply to: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Next in thread: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Reply: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 31 Jan 2004 18:53:00 +0100 To: Chuck Swiger <cswiger@mac.com>
On Sat, 31 Jan 2004 10:50:19 -0500
Chuck Swiger <cswiger@mac.com> wrote:
> Peder Blom wrote:
> [ ... ]
> > Add this to your rc.conf: (instead of firewall_type=...):
> > firewall_script="/etc/grog.firewall"
> >
> > See /etc/defaults/rc.conf !
>
> While I won't speak against looking at /etc/defaults/rc.conf, setting
> firewall_type works fine; see the end of /etc/rc.firewall:
>
> *)
> if [ -r "${firewall_type}" ]; then
> ${fwcmd} ${firewall_flags} ${firewall_type}
> fi
> ;;
>
> --
> -Chuck
> _______________________________________________
Yes, that's the other way of doing it. The mentioning of scripts and the
fact that his file was in the form of a script made me assume that he
wanted to write his own script for setting up his firewall. On second
thought I realize that he might just as well want to do it your way and
define a set of rules to be read in by rc.firewall. (This might even be
the best solution).
I've never done it this way, but in this case I assume that you just
define the rules in '/etc/ERICS_firewall', thus:
--------------
add 100 pass all from any to any via lo0
add 200 deny all from any to 127.0.0.0/8
add 300 deny ip from 127.0.0.0/8 to any
add 600 allow all from any to any
--------------
Using your suggestions for rc.conf, of course.
Is this correct?
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Daniel Butler: "Re: FreeBSD 4.x or 5.x doesn't find hard drives to install to! [SATA]"
- In reply to: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Next in thread: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Reply: Chuck Swiger: "Re: where am I supposed to put my rc.firewall?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
