Date: Thu, 31 Jan 2002 10:40:00 -0500 From: Bob Johnson <bob@eng.ufl.edu> To: nate@yogotech.com Cc: stable@freebsd.org Subject: Re: Firewall config non-intuitiveness Message-ID: <3C596550.BCC94C25@eng.ufl.edu>
next in thread | raw e-mail | index | archive | help
> > Date: Mon, 28 Jan 2002 12:53:42 -0700 > From: Nate Williams <nate@yogotech.com> > Subject: Re: Firewall config non-intuitiveness > > > Note that "do not enable firewall" (which is implied by firewall_enable="NO") > > is *not* equivalent to "disable firewall". > > Maybe we're having an English language question. > > If something isn't enabled, doesn't that imply that it's disabled? Last > I checked, enabled/disabled were binary operations. > > If I enable the clutch in my car, my car moves (assuming it's in gear). > If I disable it, the power is no longer going to the drive wheels. > > It's either enabled or disabled. There is no 'in-between' state. > (Well, unless you're riding the clutch, but that's not considered a > valid state, since the behavior is undefined, as well as bad for your > clutch. :) > You sort of answered your own question. Most supposedly binary choices aren't: there are other options that may not be recommended, or well defined, but they exist. More to the point, "Do not enable firewall" can be reasonably interpreted to mean "leave the firewall how you found it, instead of forcing it to be enabled". Or to put it another way, "do not do it" does not mean "do the opposite", E.g. "do not build a house" does not mean "tear down a house". It means "leave things the way you found them". > > Nate - Bob To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C596550.BCC94C25>