From 868b6abbca3ae8837ad72e211bfbceb794c6f5fa Mon Sep 17 00:00:00 2001
From: danny <danny@FreeBSD.org>
Date: Tue, 21 Oct 1997 00:54:08 +0000
Subject: [PATCH] MF22 - make firewall_type a little more robust

---
 etc/rc.firewall | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/etc/rc.firewall b/etc/rc.firewall
index eeedc3954922..aa7a24839e7e 100644
--- a/etc/rc.firewall
+++ b/etc/rc.firewall
@@ -1,6 +1,6 @@
 ############
 # Setup system for firewall service.
-# $Id: rc.firewall,v 1.13 1997/09/11 10:59:00 danny Exp $
+# $Id: rc.firewall,v 1.14 1997/09/18 22:43:42 danny Exp $
 
 ############
 # Define the firewall type in /etc/rc.conf.  Valid values are:
@@ -62,19 +62,16 @@ $fwcmd -f flush
 # $fwcmd add 65000 pass all from any to any
 
 ############
-# Only in rare cases do you want to change this rule
-$fwcmd add 1000 pass all from 127.0.0.1 to 127.0.0.1
+# Only in rare cases do you want to change these rules
+$fwcmd add 1000 pass all from any to any via lo0
+$fwcmd add 1010 deny all from 127.0.0.0/8 to 127.0.0.0/8
 
 
 # Prototype setups.
-if [ "${firewall_type}" = "open" ]; then
+if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then
 
 	$fwcmd add 65000 pass all from any to any
 
-elif [ "${firewall_type}" = "simple" ]; then
-
-	$fwcmd add 65000 pass all from any to any via lo0
-
 elif [ "${firewall_type}" = "client" ]; then
 
     ############
@@ -170,6 +167,6 @@ elif [ "${firewall_type}" = "simple" ]; then
 
     # Everything else is denied as default.
 
-elif [ "${firewall_type}" != "NONE" -a -r "${firewall_type}" ]; then
+elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
 	$fwcmd ${firewall_type}
 fi