Add firewall_logging knob to enable/disablle events logging, disabled
by default. Needed mainly for ipfw kernel module to enable logging disabled there.
This commit is contained in:
parent
3e48370f70
commit
be08c4bfc8
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=60103
@ -46,6 +46,7 @@ firewall_enable="NO" # Set to YES to enable firewall functionality
|
||||
firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
|
||||
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
|
||||
firewall_quiet="NO" # Set to YES to suppress rule display
|
||||
firewall_logging="NO" # Set to YES to enable events logging
|
||||
firewall_flags="" # Flags passed to ipfw when type is a file
|
||||
natd_program="/sbin/natd" # path to natd, if you want a different one.
|
||||
natd_enable="NO" # Enable natd (if firewall_enable == YES).
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
@ -223,6 +223,16 @@ network_pass1() {
|
||||
echo "but firewall rules are not enabled."
|
||||
echo " All ip services are disabled."
|
||||
fi
|
||||
|
||||
case ${firewall_logging} in
|
||||
[Yy][Ee][Ss] | '')
|
||||
echo 'Firewall logging=YES'
|
||||
sysctl -w net.inet.ip.fw.verbose=1 >/dev/null
|
||||
;;
|
||||
*)
|
||||
;;
|
||||
esac
|
||||
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
|
Loading…
Reference in New Issue
Block a user