author | danny <danny@FreeBSD.org> | 1997-10-21 00:54:08 +0000 |
---|---|---|
committer | danny <danny@FreeBSD.org> | 1997-10-21 00:54:08 +0000 |
commit | 868b6abbca3ae8837ad72e211bfbceb794c6f5fa (patch) | |
tree | f1eea536817b1a09a2ad60401681b49b848353d0 /etc/rc.firewall | |
parent | fe9a1c7666a0ebba198a4dca013a28f9409971db (diff) | |
MF22 - make firewall_type a little more robust
Diffstat (limited to 'etc/rc.firewall')
-rw-r--r-- | etc/rc.firewall | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/etc/rc.firewall b/etc/rc.firewall
index eeedc39..aa7a248 100644
--- a/etc/rc.firewall
+++ b/etc/rc.firewall
@@ -1,6 +1,6 @@
 ############
 # Setup system for firewall service.
-# $Id: rc.firewall,v 1.13 1997/09/11 10:59:00 danny Exp $
+# $Id: rc.firewall,v 1.14 1997/09/18 22:43:42 danny Exp $
 ############
 # Define the firewall type in /etc/rc.conf. Valid values are:
@@ -62,19 +62,16 @@ $fwcmd -f flush
 # $fwcmd add 65000 pass all from any to any
 ############
-# Only in rare cases do you want to change this rule
-$fwcmd add 1000 pass all from 127.0.0.1 to 127.0.0.1
+# Only in rare cases do you want to change these rules
+$fwcmd add 1000 pass all from any to any via lo0
+$fwcmd add 1010 deny all from 127.0.0.0/8 to 127.0.0.0/8
 # Prototype setups.
-if [ "${firewall_type}" = "open" ]; then
+if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then
 $fwcmd add 65000 pass all from any to any
-elif [ "${firewall_type}" = "simple" ]; then
-
- $fwcmd add 65000 pass all from any to any via lo0
-
 elif [ "${firewall_type}" = "client" ]; then
 ############
@@ -170,6 +167,6 @@ elif [ "${firewall_type}" = "simple" ]; then
 # Everything else is denied as default.
-elif [ "${firewall_type}" != "NONE" -a -r "${firewall_type}" ]; then
+elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
 $fwcmd ${firewall_type}
 fi |
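Review bot: The new rule 1010 in the second hunk only matches packets whose source and destination are both inside 127.0.0.0/8, so a packet that reaches a non-loopback interface with a loopback source and the host's real address as destination is not dropped by it. Because rule 1000 already passes everything via lo0, the deny can be split so that either side alone triggers it: `$fwcmd add 1010 deny all from any to 127.0.0.0/8` followed by `$fwcmd add 1020 deny all from 127.0.0.0/8 to any` (1020 is a suggested number, not one taken from the file). As a smaller style point, the `-o` test in the same hunk accepts exactly `open` and `OPEN`; two bracketed tests joined with `||` avoid the ambiguous `-o` operator. The if/elif chain continues outside this hunk.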
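Review bot: The final branch in the third hunk ends at `fi` with no `else`, so a mistyped `firewall_type` or a rules file that fails the `-r` test falls through silently, leaving only rules 1000 and 1010 after the flush plus whatever the kernel's default rule is. A closing arm that reports the problem would make this visible at boot, for example `else echo "rc.firewall: unrecognized firewall_type '${firewall_type}', no ruleset loaded" >&2`. The expansion passed to ipfw should also be quoted, `$fwcmd "${firewall_type}"`, since the value has just been tested as a single path. The sentinel change from NONE to UNKNOWN means a configuration that still sets NONE now reaches the `-r` test as a relative filename; whether any shipped default still uses NONE is not visible from this page. The start of the if/elif chain lies outside the hunk.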