Date: Sun, 20 May 2001 15:30:03 -0700 (PDT) From: Janet Sullivan <eliyanah@redrivernet.com> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/27474: Interactive use of user PPP and ipfilter can be insecure Message-ID: <200105202230.f4KMU3H70615@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/27474; it has been noted by GNATS. From: Janet Sullivan <eliyanah@redrivernet.com> To: jsnader@ix.netcom.com, freebsd-gnats-submit@freebsd.org Cc: Subject: Re: kern/27474: Interactive use of user PPP and ipfilter can be insecure Date: Sun, 20 May 2001 15:20:12 -0700 > >Fix: > Either manually reload the rules after starting PPP for the first time > or put the reload in /etc/ppp/ppp.linkup *and* start PPP as root. This > means you should probably remove ``allow user'' from ppp.conf. > > It is only necessary to reload the rules once after PPP has run. They > will then be active on subsequent runs (until a reboot, of course). The fix I use is to edit rc.network so the entire "start user PPP" section is between the "Set host name if not already set" and "establish ipf ruleset" sections. After doing that everything works fine, no manual reloads required. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105202230.f4KMU3H70615>