diff options
author | alex <alex@FreeBSD.org> | 1998-02-07 04:56:56 +0000 |
---|---|---|
committer | alex <alex@FreeBSD.org> | 1998-02-07 04:56:56 +0000 |
commit | b888dc799850361078c09ab2553928cd2b5853d9 (patch) | |
tree | dc4769f9dcfce51e020f49d7fb481118d094ac12 | |
parent | d3baeeda1e135d3e3e0d724edeea82b87846ed9e (diff) | |
download | FreeBSD-src-b888dc799850361078c09ab2553928cd2b5853d9.zip FreeBSD-src-b888dc799850361078c09ab2553928cd2b5853d9.tar.gz |
Don't assume that IP services are disabled just because firewall_enable
is not set to YES in rc.conf.
Noticed by: Mikael Karpberg <karpen@ocean.campus.luth.se>
-rw-r--r-- | etc/network.subr | 9 | ||||
-rw-r--r-- | etc/rc.d/netoptions | 9 | ||||
-rw-r--r-- | etc/rc.d/network1 | 9 | ||||
-rw-r--r-- | etc/rc.d/network2 | 9 | ||||
-rw-r--r-- | etc/rc.d/network3 | 9 | ||||
-rw-r--r-- | etc/rc.d/routing | 9 | ||||
-rw-r--r-- | etc/rc.network | 9 |
7 files changed, 42 insertions, 21 deletions
diff --git a/etc/network.subr b/etc/network.subr index f26fbd4..a3ef5d8 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/routing b/etc/rc.d/routing index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.network b/etc/rc.network index f26fbd4..a3ef5d8 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi |