IPFW IPFW - Disable Rule Sets by Default Upon Startup

Dear All,

I have made several sets of rules using IPFW. I've separated them into rule 1 and 2, and the rest in rule 31. What I want to do is that after restart, I would like to only have rule 31 running (with rule 1 and 2 disabled). Only after VNets are up (all the pairs and bridges are set up and running), that rule 1 and 2 will be enabled. However, by default upon restart/start up, all rules are automatically enabled.

How can I make only rule 31 that's enabled on startup and rule 1 & 2 enabled manually later on?

Thanks.
 
Parworks, could you elaborate why you need this function?
The rules will work just fine as soon as the interfaces are created (even if the rules are created before).
The interfaces do not need to exist for the rules to work after adding them.

If you really want you can probably script it, check jail(8), something like exec.poststart.
 
Parworks, could you elaborate why you need this function?
The rules will work just fine as soon as the interfaces are created (even if the rules are created before).
The interfaces do not need to exist for the rules to work after adding them.

If you really want you can probably script it, check jail(8), something like exec.poststart.
After trying it further: yes, I've now realized that I don't need the interface to exist first to have the rules set up. So, I guess I don't really need them then. Thanks, driesm :)
 
Back
Top