From: felix@rapidaxcess.com
To: questions@FreeBSD.org
Subject: Firewall options
Date: Wed, 23 Apr 2003 12:29:46 -0700 (MST)
Message-Id: <200304231929.MAA26105@rs2.rapidaxcess.com>

To whom it may concern:

I am in the process of setting up my first firewalled machine, on the bench, thank God. I have pored over the manual pages multiple times and am stuck here...

I seem to have everything under control with rules set up to allow me in on boot. Now I need to change the default rule (65535) to deny instead of accept. I have removed the kernel config line:

    options IPFIREWALL_DEFAULT_TO_ACCEPT

recompiled and rebooted 2 times, still the default is accept. I hate to hack by adding a rule 65000 to deny just for a workaround, if that would even work...

Suggestions?

Thanks in advance! And keep up the great work, all of my servers run FreeBSD!

Bryan Felix
felix@rapidaxcess.com