Date: Mon, 16 Sep 1996 20:18:49 +0200 From: roberto@keltia.freenix.fr (Ollivier Robert) To: hackers@freebsd.org Subject: Re: Could use a favor Message-ID: <199609161818.UAA02690@keltia.freenix.fr> In-Reply-To: <199609161444.KAA16111@etinc.com>; from Dennis on Sep 16, 1996 10:44:34 -0400 References: <199609161444.KAA16111@etinc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
According to Dennis: > Perhaps unrelated....but I've noticed if I configure IP firewalling into > the kernel the default seems to be that the system cant do anything. Can > anyone outline why that is.... Uh ? Where you the last months, on the moon ? :-) Poul-Henning rewrote a big part of IPFW, added many things like filters per interfaces, better port handling and other things. He also made the default not to pass anything (so you can open for what you need instead of closing what you don't need). If you want to by wide-open, change firewall to YES in /etc/sysconfig and put a file named rc.firewall in /etc with the following: /etc/rc.firewall ------------------------------------------------------------ # Flush out the list before we begin. /sbin/ipfw -f flush /sbin/ipfw add 65000 pass all from any to any ------------------------------------------------------------ Or you can add you own rules here. See /usr/src/etc/rc.firewall for examples. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 2.2-CURRENT #21: Sun Sep 8 14:35:00 MET DST 1996
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609161818.UAA02690>