Hello, Recently I've been working on automating my FreeBSD systems, as much as possible and the viable solution was to try out Cfengine 3. Currently I'm running most of my hosts and jails under Cfengine 3 control, and wanted to share this you, because I think some might find it useful. Therefore I've created a little documentation that explains how to setup Cfengine 3 on your systems and use it for managing your hosts and jails - starting from simple configuration deployments and daemon processes control, and package management with Cfengine 3. Anyway the document can be found here: - http://unix-heaven.org/node/50 Hope you find it useful. Regards, Marin -- Marin Atanasov Nikolov dnaeon AT gmail DOT com daemon AT unix-heaven DOT org http://www.unix-heaven.org/
Hi all,
Recently I upgraded to 8.2-STABLE and reconfigured natd + jailed box, but
all packets could not over nat box. I've researched and found
/etc/rc.firewall does not recieve argument of firewall_type. So ipfw does
not divert and natd could not be performed. The reason is /etc/rc.d/ipfw
incorrect. I think an patch below should be applyed to /etc/rc.d/ipfw. Is
there any problem to do this?
--- /etc/rc.d/ipfw.org 2011-05-03 18:19:28.000000000 +0900
+++ /etc/rc.d/ipfw 2011-05-03 22:08:14.000000000 +0900
@@ -35,15 +35,11 @@
ipfw_start()
{
- local _firewall_type
-
- _firewall_type=$1
-
# set the firewall rules script if none was specified
[ -z "${firewall_script}" ] &&
firewall_script=/etc/rc.firewall
if [ -r "${firewall_script}" ]; then
- /bin/sh "${firewall_script}" "${_firewall_type}"
+ /bin/sh "${firewall_script}" "${firewall_type}"
echo 'Firewall rules loaded.'
elif [ "`ipfw list 65535`" = "65535 deny ip from any to
any" ]; then
echo 'Warning: kernel has firewall functionality, but' \