Re: firewall config (CTFM)

2002-01-28 Thread Justin White
On Monday, January 28, 2002, at 02:44 , David Raistrick wrote: > >>> no, the user _should_ be making a point to see that configuration file. >>> if >>> they're changing /etc/rc.conf, they should be reading the >>> corresponding >>> defaults file. if they're changing /etc/rc.conf without previousl

Re: longer range FreeBSD projects into stable

2002-01-28 Thread Gary W. Swearingen
> Well, it's FreeBSD policy to only send messages to one list. From "Rules of the road" at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html No posting should be made to more than 2 mailing lists, and only to 2 when a clear and obvious need to post to both list

Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread Gary W. Swearingen
Here's a top-of-the-head "solution" to this kind of problem in general: Make "mergemaster" smarter so that it could be easily told to warn people about changes in the existence or behavior of config file variables and fields and values as it processed the corresponding file. P.S. I'd like to se

Re: Firewall config non-intuitiveness

2002-01-28 Thread Gerhard Sittig
On Mon, Jan 28, 2002 at 12:17 -0800, David Raistrick wrote: > > It IS confusing though. > > Especially when man rc.conf says: > >firewall_enable (bool) Set to ``NO'' if you do not want have firewall > rules loaded at startup, or ``YES'' if you do. > > that sort of implies that it would dis

RE: Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread Andrew Cowan
> ipfw_firewall_rules_file={open,simple,etc,/etc/myfirewall.rule} > > The -stable firewalls are scripts, not rule files. Rule files are > a different thing again :) I understand that, however from a users point of view they would be handled by the sample script. > > If ipfw_firewall_rul

Re: firewall config (CTFM)

2002-01-28 Thread Justin White
On Monday, January 28, 2002, at 12:19 , Nate Williams wrote: >> i'm not trying to be mean, but if you don't read the docs > > A comment in a configuration file that the user should never have to see > is considered documentation? no, the user _should_ be making a point to see that configuration fi

Re: Running 4.5 Stable

2002-01-28 Thread Kris Kennaway
On Mon, Jan 28, 2002 at 03:36:50PM -0800, Albert Kinderman wrote: > ls -l /usr/src/sys/conf/newvers.sh > > Jan 28 11:57 /usr/src/sys/conf/newvers.sh > > uname -a > > ... FreeBSD 4.5-STABLE Mon Jan 28 15:18:31 Not sure what your point is? Kris

Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread Thomas Hurst
* Andrew Cowan ([EMAIL PROTECTED]) wrote: > It is really too much work to change the script variable names in > current, so that they relate exactly to what they do? eg. > ipfw_load_firewall_rules={yes,no} > ipfw_firewall_rules_file={open,simple,etc,/etc/myfirewall.rule} The -stable

Re: Firewall config non-intuitiveness

2002-01-28 Thread Mike Meyer
Nate Williams <[EMAIL PROTECTED]> types: > > Note that "do not enable firewall" (which is implied by firewall_enable="NO") > > is *not* equivalent to "disable firewall". > Maybe we're having an English language question. I'd say you are. > If something isn't enabled, doesn't that imply that it'

Summary: Problems and Proposals of firewall_enable (was: Re: firewall config (CTFM))

2002-01-28 Thread Siegbert Baude
Hello folks, thanks to Ceri, Erik, Richard and Warner, who made the points, I'm repeating here with a slight addition of mine. In media res: comparing defaults/rc.conf and "man rc.conf": defaults/rc.conf: firewall_enable="NO" # Set to YES to enable firewall functionality man rc.conf: firewa

Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread Thomas T. Veldhouse
What would the expected functionality be for this? ipfw_enable=no ipfw_firewall_enable=yes And what would the expected functionality be for this? ipfw_enable=yes ipfw_firewall_enable=no I would expect the former to not load the ipfw module, so what does the firewall enable option do? I would

RE: Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread Andrew Cowan
Sorry, but: ipfw_enable=no ipfw_firewall_enable=yes Will still be confusing to newbies. I had to read the descriptions to see what they did as they should like they do the same thing. It is really too much work to change the script variable names in current, so that they relate exactly to w

Another Linksys WDT11 problem

2002-01-28 Thread Eric Liedtke
Ok, from my last mail I got the card working fine. So it was time to transfer it to a 3rd machine, my home router, as its final resting place and I have run into a new problem. I am getting an error message of wi0: mac read failed 5 I poked around in the code a little bit, but couldn't come up

Linksys WDT11 Problem/Update

2002-01-28 Thread Eric Liedtke
I recently posted that I had a Linksys WDT11 PCI 802.11b adapter working...well I was shuffling parts and machines today and the wireless card got moved to a different machine, which unlike the previous one has a functioning USB controller...so the card started failing with the "No irq?!" message

RE: firewall config (CTFM)

2002-01-28 Thread Nate Williams
> > Also, even *I* can't find answers to my questions with 30 minutes, and I > > know where to look, so I find your statement, well, to be brutally > > honest, both humorous and a little bit egotistical. : > > man rc.conf: > > firewall_enable >(bool) Set to ``NO'' if you

RE: firewall config (CTFM)

2002-01-28 Thread Richard Glidden
On Mon, 28 Jan 2002, Nate Williams wrote: > Also, even *I* can't find answers to my questions with 30 minutes, and I > know where to look, so I find your statement, well, to be brutally > honest, both humorous and a little bit egotistical. : man rc.conf: firewall_enable

Re: Firewall config non-intuitiveness

2002-01-28 Thread Chad David
On Mon, Jan 28, 2002 at 12:53:42PM -0700, Nate Williams wrote: > > Note that "do not enable firewall" (which is implied by firewall_enable="NO") > > is *not* equivalent to "disable firewall". > > Maybe we're having an English language question. > > If something isn't enabled, doesn't that imply

Re: firewall config (CTFM)

2002-01-28 Thread Nate Williams
> Could you please explain how the following makes sense? > > 1) I enable ipfw in my kernel > 2) I do not configure it to allow by default > 3) I reboot with firewall_enable="NO" > 4) The firewall defaults to allow > > If I set the default in my kernel config to deny, the

Re: Firewall config non-intuitiveness

2002-01-28 Thread Nate Williams
> : If I enable the clutch in my car, my car moves (assuming it's in gear). > : If I disable it, the power is no longer going to the drive wheels. > > That's not quite right, but it is a good analogy. If you disable your > clutch, then you are going to have to shift without it and deal with > pu

Re: firewall config (CTFM)

2002-01-28 Thread Chad David
On Mon, Jan 28, 2002 at 11:51:49AM -0800, Patrick Greenwell wrote: > On Mon, 28 Jan 2002, Robert D. Hughes wrote: > > > While this will probably get me flamed to no end, users not reading the > > docs and keeping up with advisories (sys admins are users too) is only > > the cause of little things

Proposed Solution To Recent "firewall_enable" Thread. [Please Read]

2002-01-28 Thread C J Michaels
1st off.. Warner: Sorry for sending my earlier reply w/o reading the whole thread. Jacques: Would the proposed change (below) still require approval from the security officer? == In light of all the recent ipfw hubbub, I think I have an equitable solution for all. Most or all of these have b

Re: Firewall config non-intuitiveness

2002-01-28 Thread David Raistrick
On Mon, 28 Jan 2002, Nate Williams wrote: > > Note that "do not enable firewall" (which is implied by firewall_enable="NO") > > is *not* equivalent to "disable firewall". > > Maybe we're having an English language question. > > If something isn't enabled, doesn't that imply that it's disabled?

Re: Firewall config non-intuitiveness

2002-01-28 Thread M. Warner Losh
In message: <[EMAIL PROTECTED]> Nate Williams <[EMAIL PROTECTED]> writes: : If I enable the clutch in my car, my car moves (assuming it's in gear). : If I disable it, the power is no longer going to the drive wheels. That's not quite right, but it is a good analogy. If you disable yo

re: firewall config (CTFM)

2002-01-28 Thread Patrick Greenwell
Note: This was my last post on this issue as I find myself merely repeating points that I've already made. (a cheer goes up from the crowd...) On Mon, 28 Jan 2002, Justin White wrote: > instead of changing the way the system works, let's change the > documentation. new people _should_ be reading

Weird wedge with ep0 ethernet and dhclient

2002-01-28 Thread BOUWSMA Beery
Serwus I've been semi-consistently having my machine freeze up in a weird way when attempting to run /sbin/dhclient when the Cabal Modem is connected to an ep0 3Com 3C509 card. When I connect instead to the xl0 card in the same machine, I have no problems at all. I'm just partially looking into

Re: Firewall config non-intuitiveness

2002-01-28 Thread Nate Williams
> Note that "do not enable firewall" (which is implied by firewall_enable="NO") > is *not* equivalent to "disable firewall". Maybe we're having an English language question. If something isn't enabled, doesn't that imply that it's disabled? Last I checked, enabled/disabled were binary operatio

RE: firewall config (CTFM)

2002-01-28 Thread Patrick Greenwell
On Mon, 28 Jan 2002, Robert D. Hughes wrote: > While this will probably get me flamed to no end, users not reading the > docs and keeping up with advisories (sys admins are users too) is only > the cause of little things like nimda, code red, and probably at least > 90% of all the other problems

Re: firewall config (CTFM)

2002-01-28 Thread David Raistrick
> > no, the user _should_ be making a point to see that configuration file. if > > they're changing /etc/rc.conf, they should be reading the corresponding > > defaults file. if they're changing /etc/rc.conf without previously > > reading the defaults file, too bad. I have to definitely disagree