From b888dc799850361078c09ab2553928cd2b5853d9 Mon Sep 17 00:00:00 2001 From: alex Date: Sat, 7 Feb 1998 04:56:56 +0000 Subject: Don't assume that IP services are disabled just because firewall_enable is not set to YES in rc.conf. Noticed by: Mikael Karpberg --- etc/network.subr | 9 ++++++--- etc/rc.d/netoptions | 9 ++++++--- etc/rc.d/network1 | 9 ++++++--- etc/rc.d/network2 | 9 ++++++--- etc/rc.d/network3 | 9 ++++++--- etc/rc.d/routing | 9 ++++++--- etc/rc.network | 9 ++++++--- 7 files changed, 42 insertions(+), 21 deletions(-) (limited to 'etc') diff --git a/etc/network.subr b/etc/network.subr index f26fbd4..a3ef5d8 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.d/routing b/etc/rc.d/routing index f26fbd4..a3ef5d8 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi diff --git a/etc/rc.network b/etc/rc.network index f26fbd4..a3ef5d8 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.14 1998/01/10 03:33:39 alex Exp $ +# $Id: rc.network,v 1.15 1998/02/01 00:20:56 wollman Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -81,8 +81,11 @@ network_pass1() { . /etc/rc.firewall echo "Firewall rules loaded." else - echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." - echo " All ip services are disabled." + if ipfw l 65535 | grep deny; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi fi -- cgit v1.1