Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 03 Feb 2005 14:49:06 -0500
From:      Duane Winner <dwinner-lists@att.net>
To:        freebsd-security@freebsd.org
Subject:   need ipfw clarification
Message-ID:  <42028032.2020701@att.net>

next in thread | raw e-mail | index | archive | help
Hello,

I noticed that after enabling firewall in my kernel (5.3-release), my 
dmesg now gives me this:

ipfw2 initialized, divert disabled, rule-based forwarding disabled, 
default to accept, logging limited to 5 packets/entry by default


On 5.2.1, I used to get this:

ipfw2 initialized, divert disabled, rule-based forwarding enabled, 
default to accept, logging disabled

If both cases, I am adding this to my KERNEL config:

options         IPFIREWALL
options         IPFIREWALL_DEFAULT_TO_ACCEPT


It seems that the major difference between 5.2.1 and 5.3 is that now 
rule-based forwarding is disabled.

Is this correct? And what exactly is rule-based forwarding? I'm guessing 
that it doesn't really apply to my situation, as in these cases, I am 
using IPFW to create a deny all inbound to my laptop when I'm on the 
road. But I just want to make sure.

Thanks,
DW



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42028032.2020701>