Subject: Re: admin script for ipfilter
To: Darren Reed <>
From: Hubert Feyrer <>
List: tech-userlevel
Date: 12/27/2006 10:56:43
On Wed, 27 Dec 2006, Darren Reed wrote:
> No.
> That doesn't tell me if it should be enabled or if rules are loaded
> and active, eg if I start ipmon now and do "ipfadm status", I see:
> ipfilter disabled
> ipfs disabled
> ipmon disabled-but-running
> ipnat disabled
> ....but some more work is needed too...
> If it was "Running: no" above, then the idea is to have it return:
> ipfilter enabled-not-running
> or if it isn't built into the kernel:
> ipfilter enabled-not-in-kernel
> ...the object being to reconcile and report what is in the rc.conf
> config vs what is in the kernel (if anything.)

Why not make '/etc/rc.d/ipfilter status' do that, instead of introducing a 
new interface?

  - Hubert