From owner-freebsd-stable Sat Mar 25 20:39:49 2000 Delivered-To: freebsd-stable@freebsd.org Received: from dt051n0b.san.rr.com (dt051n0b.san.rr.com [204.210.32.11]) by hub.freebsd.org (Postfix) with ESMTP id C1E2237B652 for ; Sat, 25 Mar 2000 20:39:45 -0800 (PST) (envelope-from Doug@gorean.org) Received: from gorean.org (doug@master [10.0.0.2]) by dt051n0b.san.rr.com (8.9.3/8.9.3) with ESMTP id UAA08364; Sat, 25 Mar 2000 20:39:43 -0800 (PST) (envelope-from Doug@gorean.org) Message-ID: <38DD948F.D6735548@gorean.org> Date: Sat, 25 Mar 2000 20:39:43 -0800 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.72 [en] (X11; U; FreeBSD 5.0-CURRENT-0322 i386) X-Accept-Language: en MIME-Version: 1.0 To: Tom Legg Cc: freebsd-stable@freebsd.org Subject: Re: Minor rc.network bug for 4.0 and ipfw References: <38DD87C8.8D8FC976@gorean.org> <38DD8E7B.CA0781BD@gorean.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Tom Legg wrote: > All I'm saying is that an admin that is sophisticated enough to > compile a custom kernel with IPFW is also sophisticated enough to > change the rc flag to "YES" when they want the firewall enabled. But > I "pity the foo" that has to come and adminster a system where > firewall_enable="NO" in boot up does not mean net.inet.ip.fw.enable=0 Yes, this has been argued ad infinitum. Check the mail archives if you're interested. What it boils down to is, we like it the way it is, and we expect people who load the gun to read how not to shoot their foot with it. Doug -- "So, the cows were part of a dream that dreamed itself into existence? Is that possible?" asked the student incredulously. The master simply replied, "Mu." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message