From owner-freebsd-questions@FreeBSD.ORG Mon Jun 15 08:51:41 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BF087106570B for ; Mon, 15 Jun 2009 08:51:41 +0000 (UTC) (envelope-from subbsd@gmail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.156]) by mx1.freebsd.org (Postfix) with ESMTP id 415668FC14 for ; Mon, 15 Jun 2009 08:51:40 +0000 (UTC) (envelope-from subbsd@gmail.com) Received: by fg-out-1718.google.com with SMTP id e12so333470fga.12 for ; Mon, 15 Jun 2009 01:51:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:references:in-reply-to:disposition-notification-to :mime-version:content-type:content-transfer-encoding :content-disposition:message-id; bh=xJH79XFcurkSbUQE+iF88QVIDg3M8+J3a4onIcBacLA=; b=INbgKicuY/+QfvpeJAcimJm0YXzuQ1QKOnKcV8pmptQelNCDmgUA5mE8OyiJ8x/rHU fT+b0aey3M55fwvIUvYyYXzb49NG8QOssAHOkbqbX08nxI432DyR+ivJ6/Zdp5V3Rpur G1bS1WIuJn3G/6ARc3RZ54eefwqcCEZRwJKX4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to :disposition-notification-to:mime-version:content-type :content-transfer-encoding:content-disposition:message-id; b=iHbuQ7FsFdnOjEGhgNWajguV1FcbSP8LhKdH++HrO2CEqBISK5xJSnJ4yPVrwWoJLL hxJvmCwCCMi4phuiepLmhpyhQ1FIVm31z8uughtH4rdbwqjSuO5ydyWVKVmadDzc50bl clgjGdUvwnILQSRuijTEGZk4X2YbNP3B7dLRk= Received: by 10.86.80.17 with SMTP id d17mr6440395fgb.27.1245055900060; Mon, 15 Jun 2009 01:51:40 -0700 (PDT) Received: from gizmo.nevosoft.local ([195.182.128.54]) by mx.google.com with ESMTPS id l19sm8460300fgb.27.2009.06.15.01.51.38 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 15 Jun 2009 01:51:39 -0700 (PDT) From: subbsd To: freebsd-questions@freebsd.org Date: Mon, 15 Jun 2009 12:51:36 +0400 User-Agent: KMail/1.11.4 (FreeBSD/8.0-CURRENT; KDE/4.2.4; amd64; ; ) References: <200906151144.34054.subbsd@gmail.com> <4A360834.2070503@gmail.com> In-Reply-To: <4A360834.2070503@gmail.com> MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200906151251.36846.subbsd@gmail.com> Subject: Re: enable IPFIREWALL_DEFAULT_TO_ACCEPT for GENERIC kernel X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Jun 2009 08:51:42 -0000 Hello On Monday 15 June 2009 12:37:08 membrana wrote: > subbsd wrote: > > Hello maillist, > > > > Whether there is a way for booting GENERIC kernel with > > ipfw_load="YES" > > > > and > > > > 65535 allow ip from any to any > > > > rules without recompile kernel with options IPFIREWALL_DEFAULT_TO_ACCEPT > > ? > > > > This is single options who force me customize my own kernel with freebsd- > > update. > > > > Thanks! > > put ipfw_load="YES" in /boot/loader.conf - keep in mind default is deny > ... As i understand, no way for make permit by default when ipfw.ko is loading, before running rc-/user-scripts (rc/rc.firewall...) ? Thanks