ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
On Tue, Oct 23, 2001 at 07:45:11PM +0200, Gerhard Sittig wrote: > > I get the feeling this - inappropriate - setting of a _program > variable is due to my misguided suggestion in PR conf/20202 > which verbatimly made it into the FreeBSD start scripts. If it > doesn't fit the usual rules feel free to correct it! :) After > all I was a newbee to FreeBSD then (and still I'm not a guru or > seasoned hacker:) as well as I understand Darren to do his > daytime job with SunOS / Solaris and since he might need some > hints on how his software fits even better into FreeBSD. I guess > he will happily accept patches improving a wrong approach. > > Maybe there's need for the following parts: > - ipfilter_program > - ipfilter_prerules_flags > - ipfilter_rules > - ipfilter_postrules_flags > ? The current situation comes from the fact that I wanted to > have a single variable with the rules file only - to check for > its existance (if such an additional constraints check matters). Done. I tested on my -current (compiled on Oct 22) the patch you can find at http://labs.gr/~charon/patches/diff.04.ipf-rc-U It is functionally equivalent to our current rc.network behavior, but it uses the variables you proposed, and it moves all the flags out of all the XXX_program variables. Comments on this are more than welcome... -giorgos To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
In article <[EMAIL PROTECTED]> you write: >Done. I tested on my -current (compiled on Oct 22) the patch you can >find at http://labs.gr/~charon/patches/diff.04.ipf-rc-U >It is functionally equivalent to our current rc.network behavior, but >it uses the variables you proposed, and it moves all the flags out of >all the XXX_program variables. > >Comments on this are more than welcome... Hmm, yesterday I submitted a PR (conf/31482) with -stable and -current patches (for rc.conf.5 too) doing almost the same cleanup. I'm happy to see I'm not the only one who wants to see some cleanups (including bugfixes) to the ipfilter /etc/rc.* code and manual pages :). Arjan -- Arjan de Vet, Eindhoven, The Netherlands <[EMAIL PROTECTED]> URL: http://www.iae.nl/users/devet/ <[EMAIL PROTECTED]> To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
In some email I received from Giorgos Keramidas, sie wrote: > On Tue, Oct 23, 2001 at 07:45:11PM +0200, Gerhard Sittig wrote: > > > > I get the feeling this - inappropriate - setting of a _program > > variable is due to my misguided suggestion in PR conf/20202 > > which verbatimly made it into the FreeBSD start scripts. If it > > doesn't fit the usual rules feel free to correct it! :) After > > all I was a newbee to FreeBSD then (and still I'm not a guru or > > seasoned hacker:) as well as I understand Darren to do his > > daytime job with SunOS / Solaris and since he might need some > > hints on how his software fits even better into FreeBSD. I guess > > he will happily accept patches improving a wrong approach. > > > > Maybe there's need for the following parts: > > - ipfilter_program > > - ipfilter_prerules_flags > > - ipfilter_rules > > - ipfilter_postrules_flags > > ? The current situation comes from the fact that I wanted to > > have a single variable with the rules file only - to check for > > its existance (if such an additional constraints check matters). > > Done. I tested on my -current (compiled on Oct 22) the patch you can > find at http://labs.gr/~charon/patches/diff.04.ipf-rc-U > It is functionally equivalent to our current rc.network behavior, but > it uses the variables you proposed, and it moves all the flags out of > all the XXX_program variables. How many of the patches at http://labs.gr/~charon/patches/ should go into FreeBSD-current ? Darren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
In article <[EMAIL PROTECTED]> you write: >How many of the patches at http://labs.gr/~charon/patches/ should go into >FreeBSD-current ? > >Darren I wrote similar patches (see http://home.iae.nl/users/devet/freebsd/) trying to fix more or less the same bugs/problems. Maybe it's a good idea if Giorgos and I together come up with 1 'big' ipfilter /etc/rc.* and rc.conf.5 patch which includes the best parts of both our patches? Arjan -- Arjan de Vet, Eindhoven, The Netherlands <[EMAIL PROTECTED]> URL: http://www.iae.nl/users/devet/ <[EMAIL PROTECTED]> To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
In some email I received from Arjan de Vet, sie wrote: > In article <[EMAIL PROTECTED]> you write: > > >How many of the patches at http://labs.gr/~charon/patches/ should go into > >FreeBSD-current ? > > > >Darren > > I wrote similar patches (see http://home.iae.nl/users/devet/freebsd/) > trying to fix more or less the same bugs/problems. > > Maybe it's a good idea if Giorgos and I together come up with 1 'big' > ipfilter /etc/rc.* and rc.conf.5 patch which includes the best parts of > both our patches? That sounds like a good plan. Darren To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: ipfilter changes in rc.network (was: Re: cvs commit: src/etc rc.network)
On Fri, Oct 26, 2001 at 09:21:37PM +1000, Darren Reed wrote: > In some email I received from Arjan de Vet, sie wrote: > > In article <[EMAIL PROTECTED]> you write: > > >How many of the patches at http://labs.gr/~charon/patches/ should go into > > >FreeBSD-current ? > > > > I wrote similar patches (see http://home.iae.nl/users/devet/freebsd/) > > trying to fix more or less the same bugs/problems. > > > > Maybe it's a good idea if Giorgos and I together come up with 1 'big' > > ipfilter /etc/rc.* and rc.conf.5 patch which includes the best parts of > > both our patches? > > That sounds like a good plan. Yep, it sounds very good to me too. I've already got myself a copy of Arjan's diffs since last night that I saw his PR, and we'll probably use mail, IRC or something to work out the details. I have a weekend that I want interesting things to do with, and working on this is a very good idea. Darren, sorry for flooding you in email these last few days. When Arjan and I have come up with something that works nice and smooth, we'll let you know :))) -giorgos To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
