When creating a firewall rule, the rule number can be optionally manually entered.
---- Changes since 1.380 ----
On FreeBSD systems, the firewall is now enabled at boot using /etc/rc.conf, and the IPFW config file specified in rc.conf is now used automatically.
+---- Changes since 1.510 ----
+Added support for the firewall_script directive in /etc/rc.conf, as seen on FreeBSD 8.
if ($rc{'firewall_type'} =~ /^\//) {
$ipfw_file = $rc{'firewall_type'};
}
+ elsif ($rc{'firewall_script'} =~ /^\//) {
+ $ipfw_file = $rc{'firewall_script'};
+ }
}
@actions = ( "allow", "deny", "reject", "reset", "skipto", "fwd", "check-state",
# Disabled
return 0;
}
- elsif ($rc{'firewall_type'} eq $ipfw_file) {
+ elsif ($rc{'firewall_type'} eq $ipfw_file ||
+ $rc{'firewall_script'} eq $ipfw_file) {
return 2;
}
- elsif ($rc{'firewall_type'}) {
+ elsif ($rc{'firewall_type'} || $rc{'firewall_script'}) {
# A *different* file is enabled
return -1;
}
# Add to rc.conf
local %rc = &net::get_rc_conf();
&lock_file("/etc/rc.conf");
- &net::save_rc_conf('firewall_type', $ipfw_file);
+ if ($rc{'firewall_script'}) {
+ &net::save_rc_conf('firewall_script', $ipfw_file);
+ }
+ else {
+ &net::save_rc_conf('firewall_type', $ipfw_file);
+ }
&net::save_rc_conf('firewall_enable', 'YES');
&net::save_rc_conf('firewall_quiet', 'YES');
&unlock_file("/etc/rc.conf");