From owner-freebsd-questions Sun Feb 3 10:31:57 2002 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (dsl-64-192-6-133.telocity.com [64.192.6.133]) by hub.freebsd.org (Postfix) with SMTP id 9226537B400 for ; Sun, 3 Feb 2002 10:31:49 -0800 (PST) Received: (qmail 673 invoked by uid 100); 3 Feb 2002 18:31:48 -0000 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15453.33300.481826.739743@guru.mired.org> Date: Sun, 3 Feb 2002 12:31:48 -0600 To: Flemming Froekjaer Cc: questions@freebsd.org, madriax@garlic.com Subject: Re: Firewall In-Reply-To: <37669235@toto.iv> X-Mailer: VM 6.90 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: "Mike Meyer" X-Delivery-Agent: TMDA/0.44 (Python 2.2; freebsd-4.5-STABLE-i386) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Flemming Froekjaer types: > Remington wrote: > >OK I want a firewqall configured without putting it into my kernel. Im > >running 4.5-STABLE. I know I have to edit my /etc/rc.conf and add > >firewall_enable="YES" and firewall_type="client", is there anything else > >I have to do? > Yes. You still have to build a new kernel with the firewall code enabled. > As a minimum you need to add: > > options IPFIREWALL Not true in 4.5. ipfw is available via a kld, and setting firewall_enable="YES" will cause that kld to be loaded. You can't change any of the firewall-related options this way, but if all you want is a simple client firewall, GENERIC and rc.conf will do the job. http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message