Re: Firewall rules / Proper directory
I've made a /etc/rc.firewall.local I may rename it in the future to stand out more, but we'll see how it goes for now. Neat. Have fun with the new firewall ruleset then. Thanks. I wish it wasn't necessary, but the server runs MySQL and if I turn TCPwrappers on, someone just trying to connect a few times creates a DOS on it. I've tried before to bring this up with the MySQL people with no luck. Thanks, Tuc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall rules / Proper directory
On 2007-08-02 14:49, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote: Giorgos Keramidas wrote: On 2007-08-02 12:36, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote: Hi, I'm developing firewall rules for a machine, and I'm wondering what the standard is for putting my version of an ipfw firewall_script? I usually save my rules in '/etc/pf.conf' or '/etc/ipfw.rules'. It's not like the '/etc' directory is a please do not touch area. Thanks... I always DO try to keep things out of /etc if at all possible, I regard that as system space, and if I do trespass into it its usually a file or directory previously allocated for that (/etc/rc.conf, /etc/mail/*). That's ok, but it's not like the world is going to end if you add a bit of customization to '/etc' files. We have mergemaster(8) to make sure these local updates and customizations are not lost when you upgrade :-) I've made a /etc/rc.firewall.local I may rename it in the future to stand out more, but we'll see how it goes for now. Neat. Have fun with the new firewall ruleset then. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Firewall rules / Proper directory
Hi, I'm developing firewall rules for a machine, and I'm wondering what the standard is for putting my version of an ipfw firewall_script? I'd normally drop it onto /usr/local/etc somewhere, but my /u/l/e is an NFS filesystem, and according to rcorder it starts ipfw WAY before the nfsclient. I don't want to stomp on /etc/rc.firewall, I like having it as a reference and one less thing to have to worry about mergemaster overwriting. Thanks, Tuc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall rules / Proper directory
On Thu, 2 Aug 2007 12:36:51 -0400 (EDT) Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote: Hi, I'm developing firewall rules for a machine, and I'm wondering what the standard is for putting my version of an ipfw firewall_script? I'd normally drop it onto /usr/local/etc somewhere, but my /u/l/e is an NFS filesystem, and according to rcorder it starts ipfw WAY before the nfsclient. I don't want to stomp on /etc/rc.firewall, I like having it as a reference and one less thing to have to worry about mergemaster overwriting. cp /etc/rc.firewall /etc/my.firewall add to rc.conf: firewall_script=/etc/my.firewall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall rules / Proper directory
On 2007-08-02 12:36, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote: Hi, I'm developing firewall rules for a machine, and I'm wondering what the standard is for putting my version of an ipfw firewall_script? I usually save my rules in '/etc/pf.conf' or '/etc/ipfw.rules'. It's not like the '/etc' directory is a please do not touch area. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall rules / Proper directory
On 2007-08-02 12:36, Tuc at T-B-O-H.NET [EMAIL PROTECTED] wrote: Hi, I'm developing firewall rules for a machine, and I'm wondering what the standard is for putting my version of an ipfw firewall_script? I usually save my rules in '/etc/pf.conf' or '/etc/ipfw.rules'. It's not like the '/etc' directory is a please do not touch area. Thanks... I always DO try to keep things out of /etc if at all possible, I regard that as system space, and if I do trespass into it its usually a file or directory previously allocated for that (/etc/rc.conf, /etc/mail/*). I've made a /etc/rc.firewall.local I may rename it in the future to stand out more, but we'll see how it goes for now. Thanks, Tuc ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]