From owner-freebsd-hackers Mon Sep 16 11:32:47 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id LAA25651 for hackers-outgoing; Mon, 16 Sep 1996 11:32:47 -0700 (PDT) Received: from mexico.brainstorm.eu.org (root@mexico.brainstorm.eu.org [193.56.58.253]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id LAA25643 for ; Mon, 16 Sep 1996 11:32:44 -0700 (PDT) Received: from brasil.brainstorm.eu.org (brasil.brainstorm.eu.org [193.56.58.33]) by mexico.brainstorm.eu.org (8.7.5/8.7.3) with ESMTP id UAA03770 for ; Mon, 16 Sep 1996 20:32:41 +0200 Received: (from uucp@localhost) by brasil.brainstorm.eu.org (8.6.12/8.6.12) with UUCP id UAA12306 for hackers@freebsd.org; Mon, 16 Sep 1996 20:32:28 +0200 Received: (from roberto@localhost) by keltia.freenix.fr (8.8.Beta.1/keltia-uucp-2.9) id UAA02690; Mon, 16 Sep 1996 20:18:50 +0200 (MET DST) Message-Id: <199609161818.UAA02690@keltia.freenix.fr> Date: Mon, 16 Sep 1996 20:18:49 +0200 From: roberto@keltia.freenix.fr (Ollivier Robert) To: hackers@freebsd.org Subject: Re: Could use a favor In-Reply-To: <199609161444.KAA16111@etinc.com>; from Dennis on Sep 16, 1996 10:44:34 -0400 References: <199609161444.KAA16111@etinc.com> X-Mailer: Mutt 0.43g Mime-Version: 1.0 X-Operating-System: FreeBSD 2.2-CURRENT ctm#2443 Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk According to Dennis: > Perhaps unrelated....but I've noticed if I configure IP firewalling into > the kernel the default seems to be that the system cant do anything. Can > anyone outline why that is.... Uh ? Where you the last months, on the moon ? :-) Poul-Henning rewrote a big part of IPFW, added many things like filters per interfaces, better port handling and other things. He also made the default not to pass anything (so you can open for what you need instead of closing what you don't need). If you want to by wide-open, change firewall to YES in /etc/sysconfig and put a file named rc.firewall in /etc with the following: /etc/rc.firewall ------------------------------------------------------------ # Flush out the list before we begin. /sbin/ipfw -f flush /sbin/ipfw add 65000 pass all from any to any ------------------------------------------------------------ Or you can add you own rules here. See /usr/src/etc/rc.firewall for examples. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr FreeBSD keltia.freenix.fr 2.2-CURRENT #21: Sun Sep 8 14:35:00 MET DST 1996