From cschuber@passer.osg.gov.bc.ca  Mon Sep 14 11:00:31 1998
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA13842
          for <FreeBSD-gnats-submit@freebsd.org>; Mon, 14 Sep 1998 11:00:29 -0700 (PDT)
          (envelope-from cschuber@passer.osg.gov.bc.ca)
Received: (from cschuber@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id LAA23827; Mon, 14 Sep 1998 11:00:09 -0700 (PDT)
Message-Id: <199809141800.LAA23827@passer.osg.gov.bc.ca>
Date: Mon, 14 Sep 1998 11:00:09 -0700 (PDT)
From: Cy Schubert <cschuber@passer.osg.gov.bc.ca>
Reply-To: cschuber@uumail.gov.bc.ca
To: FreeBSD-gnats-submit@freebsd.org
Subject: Patch to allow execution of an IPFW shell script
X-Send-Pr-Version: 3.2

>Number:         7928
>Category:       conf
>Synopsis:       Patch to allow execution of an IPFW shell script
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 14 11:10:00 PDT 1998
>Closed-Date:    Wed Jun 9 05:10:17 PDT 1999
>Last-Modified:  Wed Jun  9 05:11:37 PDT 1999
>Originator:     Cy Schubert
>Release:        FreeBSD 2.2.7-RELEASE i386
>Organization:
ITSD, Province of BC, Canada
>Environment:

	FreeBSD passer.osg.gov.bc.ca 2.2.7-RELEASE FreeBSD 2.2.7-RELEASE #0: Sat Aug 22 06:16:57 PDT 1998     root@passer.osg.gov.bc.ca:/opt/usr_src-227/src/sys/compile/PASSER  i386
	+ CAM SCSI Patches

>Description:

	rc.firewall can load a firewall from a file.  This patch loads a
	firewall using a shell script.  What this patch does is to determine
	whether the file being referenced is executable if it is, it assumes
	the file is a shell (or Perl) script.  If it isn't, it assumes it
	is a regular file.

	This patch also fixes a bug to detect whether  $firewall_type is
	a directory or a regular file.

>How-To-Repeat:

	not relevant.

>Fix:
	
--- /etc/rc.firewall	Tue Mar 24 17:56:48 1998
+++ /tmp/rc.firewall	Mon Sep 14 10:58:29 1998
@@ -171,6 +171,8 @@
 
     # Everything else is denied as default.
 
-elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
+elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" -a -f "${firewall_type}" -a -x "${firewall_type}" ]; then
+	${firewall_type}
+elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" -a -f "${firewall_type}" ]; then
 	$fwcmd ${firewall_type}
 fi

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: ru 
State-Changed-When: Fri Jun 4 16:18:28 PDT 1999 
State-Changed-Why:  
Why not just specify your script in ``firewall_script'' variable? 
State-Changed-From-To: feedback->closed 
State-Changed-By: ru 
State-Changed-When: Wed Jun 9 05:10:17 PDT 1999 
State-Changed-Why:  
Closed at originator's request. 
>Unformatted:
