From owner-freebsd-questions@FreeBSD.ORG Thu Jun 3 21:13:23 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7C89016A4CE for ; Thu, 3 Jun 2004 21:13:23 -0700 (PDT) Received: from quark.cs.earlham.edu (cs.earlham.edu [159.28.230.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 337FF43D39 for ; Thu, 3 Jun 2004 21:13:23 -0700 (PDT) (envelope-from skylar@cs.earlham.edu) Received: from quark.cs.earlham.edu (localhost.cs.earlham.edu [127.0.0.1]) by quark.cs.earlham.edu (8.12.11/8.12.9) with ESMTP id i544BqoQ048392 (version=TLSv1/SSLv3 cipher=DHE-DSS-AES256-SHA bits=256 verify=NO); Thu, 3 Jun 2004 23:11:52 -0500 (EST) (envelope-from skylar@cs.earlham.edu) Received: (from skylar@localhost) by quark.cs.earlham.edu (8.12.11/8.12.9/Submit) id i544Bq1H048391; Thu, 3 Jun 2004 23:11:52 -0500 (EST) (envelope-from skylar@cs.earlham.edu) X-Authentication-Warning: quark.cs.earlham.edu: skylar set sender to skylar@quark.cs.earlham.edu using -f Date: Thu, 3 Jun 2004 23:11:52 -0500 From: Skylar Thompson To: "?.?.????????" Message-ID: <20040604041152.GA48205@quark.cs.earlham.edu> References: <001001c4491e$9bfef380$5b00a8c0@brilliant.local> <20040603225923.GC21636@quark.cs.earlham.edu> <002801c449e9$6ec2e310$5b00a8c0@brilliant.local> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="uAKRQypu60I7Lcqm" Content-Disposition: inline In-Reply-To: <002801c449e9$6ec2e310$5b00a8c0@brilliant.local> User-Agent: Mutt/1.4.2.1i X-Sender: "Skylar Thompson" X-Accept-Primary-Language: en X-Accept-Secondary-Language: es SMTP-Mailing-Host: quark.cs.earlham.edu X-Operating-System: FreeBSD 4.9-RELEASE X-Uptime: 11:09PM up 11 days, 9:16, 23 users, load averages: 0.13, 0.24, 0.18 X-Editor: VIM - Vi IMproved 6.2 (2003 Jun 1, compiled May 19 2004 13:14:50) X-Earlham-CS-Dept-MailScanner-Information: Please contact the ISP for more information X-Earlham-CS-Dept-MailScanner: Found to be clean X-MailScanner-From: skylar@cs.earlham.edu cc: freebsd-questions@freebsd.org Subject: Re: ipfw: getsockopt(IP_FW_ADD): Operation not permitted X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Skylar Thompson List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jun 2004 04:13:23 -0000 --uAKRQypu60I7Lcqm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jun 04, 2004 at 10:07:20AM +0600, ?.?.???????? wrote: > Hello, Skylar! >=20 > You are right, the reason was in it. > I modified in /etc/rc.conf kern_securelevel=3D"3" to "-1" and > kern_securelevel_enable=3D"YES". But I think securelevel=3D-1 is too slow= and > dangerous.. As long as you don't need X, I find secure level 1 to be a happy middle ground between the two. Do a "man init" to find out more about secure levels. --=20 -- Skylar Thompson (skylar@cs.earlham.edu) -- http://www.cs.earlham.edu/~skylar/ --uAKRQypu60I7Lcqm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAv/aIsc4yyULgN4YRAtqTAJ0eM8KAIbiBBo28vY07Q7EncnRBQACffhnS 5ozpgEQ66YLIWB9SqG7+73I= =R8H6 -----END PGP SIGNATURE----- --uAKRQypu60I7Lcqm--