Date: Mon, 04 Apr 2005 10:06:48 +0200 (CDT) From: "Martin" <bts@iae.nl> To: "freebsd-ipfw@freebsd.org" <freebsd-ipfw@freebsd.org>, "Sergei Gnezdov" <use-reply-to@gnezdov.net>, "sergei@gnezdov.net" <sergei@gnezdov.net> Subject: Re: DHCP with ipfw Message-ID: <20050404090719.F2268544E1F@mail2-new.vianetworks.nl> In-Reply-To: <slrnd4775d.79b.use-reply-to@gnezdov.net>
next in thread | previous in thread | raw e-mail | index | archive | help
ON 5+, you also have to open up the MAC layer FW:
ipfw add allow mac via xl0
If the DHCP server is slow and did not reply back before the
dhclient did continue the boot process, you maybe you do have
to reload the FW rules once your DHCP connection is established.
/Martin
On Fri, 25 Mar 2005 05:07:30 +0000 (UTC), Sergei Gnezdov wrote:
>/etc/rc.conf:
>
> ifconfig_rl0="DHCP"
>
> firewall_type="client"
> firewall_enable="YES"
>
>When my machine boots firewall is initialized before DHCP obtains IP
>address. This results in incomplete firewall configuration. How do I
>fix this?
>
>My /etc/rc.firewall initialized with the following commands:
>
> net=`ifconfig rl0 | grep "inet " | awk '{print $6}'`
> mask="255.255.255.0"
> ip=`ifconfig rl0 | grep "inet " | awk '{print $2}'`
>
>
>
>_______________________________________________
>freebsd-ipfw@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050404090719.F2268544E1F>