diff options
author | Andrey A. Chernov <ache@FreeBSD.org> | 2000-05-06 17:18:19 +0000 |
---|---|---|
committer | Andrey A. Chernov <ache@FreeBSD.org> | 2000-05-06 17:18:19 +0000 |
commit | be08c4bfc87bc0fd6551addc9124521653720cab (patch) | |
tree | 479a18e871c931994812986ae837bff9bf3d9de6 /etc | |
parent | 3e48370f700d8d57256564c1fa2997fd35b23615 (diff) | |
download | src-be08c4bfc87bc0fd6551addc9124521653720cab.tar.gz src-be08c4bfc87bc0fd6551addc9124521653720cab.zip |
Add firewall_logging knob to enable/disablle events logging, disabled
by default. Needed mainly for ipfw kernel module to enable logging
disabled there.
Notes
Notes:
svn path=/head/; revision=60103
Diffstat (limited to 'etc')
-rw-r--r-- | etc/defaults/rc.conf | 1 | ||||
-rw-r--r-- | etc/network.subr | 10 | ||||
-rw-r--r-- | etc/rc.d/netoptions | 10 | ||||
-rw-r--r-- | etc/rc.d/network1 | 10 | ||||
-rw-r--r-- | etc/rc.d/network2 | 10 | ||||
-rw-r--r-- | etc/rc.d/network3 | 10 | ||||
-rw-r--r-- | etc/rc.d/routing | 10 | ||||
-rw-r--r-- | etc/rc.network | 10 |
8 files changed, 71 insertions, 0 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index 9ce5d1d283af..f45269609e90 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -46,6 +46,7 @@ firewall_enable="NO" # Set to YES to enable firewall functionality firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to suppress rule display +firewall_logging="NO" # Set to YES to enable events logging firewall_flags="" # Flags passed to ipfw when type is a file natd_program="/sbin/natd" # path to natd, if you want a different one. natd_enable="NO" # Enable natd (if firewall_enable == YES). diff --git a/etc/network.subr b/etc/network.subr index dd60e892eb45..a03e0002549a 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.d/routing b/etc/rc.d/routing index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; diff --git a/etc/rc.network b/etc/rc.network index dd60e892eb45..a03e0002549a 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -223,6 +223,16 @@ network_pass1() { echo "but firewall rules are not enabled." echo " All ip services are disabled." fi + + case ${firewall_logging} in + [Yy][Ee][Ss] | '') + echo 'Firewall logging=YES' + sysctl -w net.inet.ip.fw.verbose=1 >/dev/null + ;; + *) + ;; + esac + ;; esac ;; |