Date: Sun, 07 Jan 2001 17:33:25 -0600 From: David Kelly <dkelly@hiwaay.net> To: Doug Young <dougy@bryden.apana.org.au> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW / 4.2 RELEASE Message-ID: <200101072333.f07NXPZ74146@grumpy.dyndns.org> In-Reply-To: Message from Doug Young <dougy@bryden.apana.org.au> of "Mon, 08 Jan 2001 07:36:11 %2B1000." <Pine.BSF.4.21.0101080734220.324-100000@bryden.apana.org.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Young writes: > Is ipfw enabled by default in 4.2 RELEASE or is a kernel compile required > in order to use it ?? Its available as a loadable kernel module. Have never used it that way myself but /etc/rc.firewall knows how to detect ipfw in the kernel and load the module if needed. The advantage of compiling ipfw statically into the kernel is that on boot you can have the interfaces default to "deny all" and not have a moment (or more) of exposure on boot. The advantage of building your own kernel is that its likely it will be 500k to 1M smaller than GENERIC. Probably not significant on a 128MB machine. -- David Kelly N4HHE, dkelly@hiwaay.net ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200101072333.f07NXPZ74146>