From owner-freebsd-questions Fri May 14 2: 5:21 1999 Delivered-To: freebsd-questions@freebsd.org Received: from volodya.prime.net.ua (volodya.prime.net.ua [195.64.229.17]) by hub.freebsd.org (Postfix) with ESMTP id 38627151E2 for ; Fri, 14 May 1999 02:05:17 -0700 (PDT) (envelope-from andyo@prime.net.ua) Received: from prime.net.ua (localhost [127.0.0.1]) by volodya.prime.net.ua (8.9.3/8.8.8) with ESMTP id JAA72689; Fri, 14 May 1999 09:18:25 +0300 (EEST) (envelope-from andyo@prime.net.ua) Message-ID: <373BC030.E52E9410@prime.net.ua> Date: Fri, 14 May 1999 09:18:24 +0300 From: "Andy V. Oleynik" Organization: M-Info X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 3.2-BETA i386) X-Accept-Language: ru, uk, en MIME-Version: 1.0 To: Alexander Maret Cc: "'freebsd-questions@FreeBSD.ORG'" Subject: Re: IPFILTER and default deny all References: <91DA20EC3C3DD211833400A0245A4EA9BA0DD6@erlangen01.axis.de> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG AFAIK deny all allways presents. Alexander Maret wrote: > Hi, > > I enabled IPFILTER in KERNEL to build up a Firewall. Everything is > working fine but there is something I don't like. As default > IPFILTER allows every packet pass through. I think this is very > insecure because if I boot my machine and IPFilter fails to start > every packet can pass my firewall. Is there a possibility to set > "deny all" as default? > > Bye, > > Alex > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- WBW Andy V. Oleynik (When U work in virtual office U have good chance to obtain virtual money ö%-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message