From ee4619f2a7c5934dfaaa5a333b6f67f5532d73ae Mon Sep 17 00:00:00 2001 From: "Brian S. Dean" Date: Thu, 27 Apr 2000 00:48:59 +0000 Subject: [PATCH] Back out the hook to execute the file ${firewall_type}. The intended purpose of the hook was to provide the ability for a shell program to instantiate the firewall rules instead of forcing them to be statically coded. This functionality was already present through the use of ${firewall_script}, and I see no need to keep the ${firewall_type} hook around. Reminded by: Dag-Erling Smorgrav --- etc/rc.firewall | 4 +--- share/man/man5/rc.conf.5 | 6 ++---- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/etc/rc.firewall b/etc/rc.firewall index 922fe14f132..37428808e7a 100644 --- a/etc/rc.firewall +++ b/etc/rc.firewall @@ -228,9 +228,7 @@ case ${firewall_type} in [Uu][Nn][Kk][Nn][Oo][Ww][Nn]) ;; *) - if [ -x "${firewall_type}" ]; then - . ${firewall_type} - elif [ -r "${firewall_type}" ]; then + if [ -r "${firewall_type}" ]; then ${fwcmd} ${firewall_flags} ${firewall_type} fi ;; diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 index 4a609c1d810..4ef54a01e4d 100644 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -168,10 +168,8 @@ are .Dq client - basic protection for a workstation; .Dq simple -- basic protection for a LAN. -If a filename is specified, the full path must be given; -if the file is executable, it is sourced, otherwise if the file is -just readable, it is used as input into the ipfw program. +- basic protection for a LAN. If a filename is specified, the full path +must be given. .It Ar firewall_quiet (bool) Set to .Ar YES