Date: Fri, 18 Jul 2003 07:44:38 -0700 From: Wes Peters <wes@softweyr.com> To: John Baldwin <jhb@FreeBSD.org>, John-Mark Gurney <gurney_j@efn.org> Cc: arch@FreeBSD.org Subject: Re: Things to remove from /rescue Message-ID: <200307180744.38792.wes@softweyr.com> In-Reply-To: <200307170902.20004.jhb@FreeBSD.org> References: <20030717080805.GA98878@dragon.nuxi.com> <20030717085439.GC35337@funkthat.com> <200307170902.20004.jhb@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 17 July 2003 06:05 am, John Baldwin wrote:
> On Thursday 17 July 2003 04:54 am, John-Mark Gurney wrote:
> > Luigi Rizzo wrote this message on Thu, Jul 17, 2003 at 01:50 -0700:
> > > On Thu, Jul 17, 2003 at 01:43:33AM -0700, John-Mark Gurney wrote:
> > > > David O'Brien wrote this message on Thu, Jul 17, 2003 at 01:08
-0700:
> > > > > - ipfw & natd & ipf & ipfs & ipfstat & ipmon & ipnan, why would
> > > > > one needs these? /rescue is to fix a borked /, not replace
> > > > > PicoBSD.
> > > >
> > > > ipfw I can see as useful. If you have a kernel that defaults to
> > > > closed, and you need to access the network, then this is a
> > > > problem. If we had
> > >
> > > actually, this is trivial to fix:
> > >
> > > sysctl net.inet.ip.fw.enable=0
> >
> > I didn't know about this. :)
> >
> > My objection to removing it has been removed. :) I now support
> > removing ipfw and friends (from /rescue).
>
> I believe that sysctl only affects ipfw, so people using ipfilter might
> still need ipf if ipfilter defaults to block as well.
It would seem advisable to add such a sysctl for ipfilter. Any
objections, Darren?
--
Where am I, and what am I doing in this handbasket?
Wes Peters wes@softweyr.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200307180744.38792.wes>