summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authoralex <alex@FreeBSD.org>1998-02-07 04:56:56 +0000
committeralex <alex@FreeBSD.org>1998-02-07 04:56:56 +0000
commitb888dc799850361078c09ab2553928cd2b5853d9 (patch)
treedc4769f9dcfce51e020f49d7fb481118d094ac12
parentd3baeeda1e135d3e3e0d724edeea82b87846ed9e (diff)
downloadFreeBSD-src-b888dc799850361078c09ab2553928cd2b5853d9.zip
FreeBSD-src-b888dc799850361078c09ab2553928cd2b5853d9.tar.gz
Don't assume that IP services are disabled just because firewall_enable
is not set to YES in rc.conf. Noticed by: Mikael Karpberg <karpen@ocean.campus.luth.se>
-rw-r--r--etc/network.subr9
-rw-r--r--etc/rc.d/netoptions9
-rw-r--r--etc/rc.d/network19
-rw-r--r--etc/rc.d/network29
-rw-r--r--etc/rc.d/network39
-rw-r--r--etc/rc.d/routing9
-rw-r--r--etc/rc.network9
7 files changed, 42 insertions, 21 deletions
diff --git a/etc/network.subr b/etc/network.subr
index f26fbd4..a3ef5d8 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.d/network1 b/etc/rc.d/network1
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.d/network1
+++ b/etc/rc.d/network1
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.d/network2 b/etc/rc.d/network2
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.d/network2
+++ b/etc/rc.d/network2
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.d/network3 b/etc/rc.d/network3
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.d/network3
+++ b/etc/rc.d/network3
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.d/routing b/etc/rc.d/routing
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.d/routing
+++ b/etc/rc.d/routing
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
diff --git a/etc/rc.network b/etc/rc.network
index f26fbd4..a3ef5d8 100644
--- a/etc/rc.network
+++ b/etc/rc.network
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $
+# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
@@ -81,8 +81,11 @@ network_pass1() {
. /etc/rc.firewall
echo "Firewall rules loaded."
else
- echo "Warning: kernel has firewall functionality, but firewall rules are not enabled."
- echo " All ip services are disabled."
+ if ipfw l 65535 | grep deny; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
fi
fi
OpenPOWER on IntegriCloud