the ipfw_start() function in /etc/rc.d/ipfw is missing a command:
sysctl net.inet.ip.fw.enable=1
edgemaster# /etc/rc.d/ipfw restart
net.inet.ip.fw.enable: 1 -> 0
Flushed all rules.
...
Firewall rules loaded, starting divert daemons:.
edgemaster# sysctl net.inet.ip.fw.enable
net.inet.ip.fw.enable: 0
This simple patch fixes it, and also changes a `sysctl` to a ${SYSCTL_W}.
--- ipfw.old Thu Mar 6 02:22:37 2003
+++ ipfw Thu Mar 6 02:31:58 2003
@@ -35,6 +35,7 @@
if [ -r "${firewall_script}" ]; then
. "${firewall_script}"
+ ${SYSCTL_W} net.inet.ip.fw.enable=1 >/dev/null
echo -n 'Firewall rules loaded, starting divert daemons:'
# Network Address Translation daemon
@@ -63,7 +64,7 @@
! checkyesno firewall_logging && return 0
echo 'Firewall logging=YES'
- sysctl net.inet.ip.fw.verbose=1 >/dev/null
+ ${SYSCTL_W} net.inet.ip.fw.verbose=1 >/dev/null
}
load_rc_config $name
--
Sean Kelly | PGP KeyID: D2E5E296
[EMAIL PROTECTED] | http://www.zombie.org
pgp00000.pgp
Description: PGP signature
