From nobody@FreeBSD.org  Sat Feb 28 21:27:04 2004
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 93FCC16A4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Feb 2004 21:27:04 -0800 (PST)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8D20843D2D
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Feb 2004 21:27:04 -0800 (PST)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.12.10/8.12.10) with ESMTP id i1T5R472008991
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 Feb 2004 21:27:04 -0800 (PST)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.10/8.12.10/Submit) id i1T5R4F9008976;
	Sat, 28 Feb 2004 21:27:04 -0800 (PST)
	(envelope-from nobody)
Message-Id: <200402290527.i1T5R4F9008976@www.freebsd.org>
Date: Sat, 28 Feb 2004 21:27:04 -0800 (PST)
From: Derek VerLee <derekverlee@comcast.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: commands in dhclient-exit-hooks may not succeed at boot with firewall
X-Send-Pr-Version: www-2.3

>Number:         63519
>Category:       conf
>Synopsis:       commands in dhclient-exit-hooks may not succeed at boot with firewall
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Feb 28 21:30:20 PST 2004
>Closed-Date:    Thu May 13 00:55:44 PDT 2004
>Last-Modified:  Thu May 13 00:55:44 PDT 2004
>Originator:     Derek VerLee
>Release:        5.2-RELEASE #1
>Organization:
>Environment:
FreeBSD pcp02905714pcs.roylok01.mi.comcast.net 5.2-RELEASE FreeBSD 5.2-RELEASE #1: Thu Jan 15 03:31:40 GMT 2004     root@pcp02905714pcs.roylok01.mi.comcast.net:/usr/obj/usr/src/sys/PANOX  i386
>Description:
I have added a line to my /etc/dhclient-exit-hooks script (which is executed (if it exists) by /sbin/dhclient-script) that sets my hostname to  a name that actually resolves to something in order to make sendmail as well as several other programs run more cleanly.  It does this using the host command.  The problem comes because I also run a firewall, and dhcpclient starts before the firewall rules are added, so that dhclient-exit-hooks and thus host is executed under a closed firewall.
>How-To-Repeat:
Any attempt to access the network within a script initiated by dhclient while booting on a machine with ipfw enabled.
>Fix:
in the file /etc/rc.d/dhclient
change the line 

# REQUIRE: network netif mountcritlocal

to 

# REQUIRE: ipfw network netif mountcritlocal
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: mbr 
State-Changed-When: Thu May 13 00:55:25 PDT 2004 
State-Changed-Why:  
Fixed it CURRENT. Thanks ! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=63519 
>Unformatted:
