[Midnightbsd-cvs] src: rc.firewall: Open port 22 on the desktop ruleset when sshd is
Lucas Holt
luke at foolishgames.com
Sun Sep 2 15:37:48 EDT 2007
On Sep 2, 2007, at 2:04 PM, ctriv at midnightbsd.org wrote:
> Log Message:
> -----------
> Open port 22 on the desktop ruleset when sshd is enabled in rc.conf.
>
> Modified Files:
> --------------
> src/etc:
> rc.firewall (r1.3 -> r1.4)
>
> <ctriv-20079218431-diff.txt>
> _______________________________________________
> Midnightbsd-cvs mailing list
> Midnightbsd-cvs at stargazer.midnightbsd.org
> http://www.midnightbsd.org/mailman/listinfo/midnightbsd-cvs

I think this is the wrong place for the rule. In my opinion it would
make more sense to make a mechanism for individual rc.d scripts to
enable/disable firewall rules. The firewall is loaded early in the
boot process. (Run rcorder to see what I mean.)

I was thinking we could add a list of ports commonly used by the
particular service. For instance, in sshd (the script):

IPV4_PORTS=22
IPV6_PORTS=22

Then there would be a generic function to test if the firewall is
enabled. This could possibly allow other firewalls to be used as
well, provided their rules can be added via a utility.

Lucas Holt
Luke at FoolishGames.com
________________________________________________________
MidnightBSD.org (Free OS)
JustJournal.com (Free blogging)
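
The mechanism proposed in this message, sketched as an added example (not code from the message or from MidnightBSD): a service script declares its ports and a generic helper emits the rules only when both the firewall and the service are enabled. The function names, the knob handling, and the choice of ipfw rule syntax are assumptions; the helper prints the commands rather than running them so they can be reviewed first.

```shell
#!/bin/sh
# Added sketch; every function name here is hypothetical.

# Return 0 when an rc.conf-style knob value means "enabled".
fw_is_yes() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Accept only decimal ports 1-65535, so a malformed declaration in a
# service script can never turn into a broader rule than intended.
fw_valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# fw_service_rules <firewall_enable> <service_enable> <ipv4 ports> <ipv6 ports>
# Prints one ipfw command per declared port (assumed backend: ipfw).
# Prints nothing when either knob is off, so a disabled service opens no port.
fw_service_rules() {
    fw_is_yes "$1" || return 0
    fw_is_yes "$2" || return 0
    for port in $3; do
        fw_valid_port "$port" || { echo "bad IPv4 port: $port" >&2; continue; }
        echo "ipfw add pass tcp from any to me $port setup"
    done
    for port in $4; do
        fw_valid_port "$port" || { echo "bad IPv6 port: $port" >&2; continue; }
        echo "ipfw add pass tcp from any to me6 $port setup"
    done
}

# Constructed sample: the declarations the sshd script would carry.
IPV4_PORTS="22"
IPV6_PORTS="22"
fw_service_rules YES YES "$IPV4_PORTS" "$IPV6_PORTS"
```

Supporting another firewall would mean swapping the two `echo` lines for that firewall's rule syntax; the knob checks and port validation stay the same.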