From owner-freebsd-questions  Thu Dec 20 13:34:34 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from dibinst.mit.edu (DIBINST.MIT.EDU [18.154.0.165])
	by hub.freebsd.org (Postfix) with SMTP id 56A5537B416
	for <freebsd-questions@freebsd.org>; Thu, 20 Dec 2001 13:34:26 -0800 (PST)
Received: from hrst19 [18.154.0.239] by dibinst.mit.edu [127.0.0.1] with SMTP (MDaemon.v2.7.SP4.R) for <freebsd-questions@freebsd.org>; Thu, 20 Dec 2001 16:32:56 -0500
Message-ID: <00e801c1899e$153864e0$ef009a12@mit.edu>
From: "Paul Warner" <pwarner@dibinst.mit.edu>
To: "Chris Appleton" <appleton_chris@yahoo.com>,
	<freebsd-questions@freebsd.org>
References: <20011220210456.43064.qmail@web14807.mail.yahoo.com>
Subject: Re: ipfw.rules
Date: Thu, 20 Dec 2001 16:34:19 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-MDaemon-Deliver-To: freebsd-questions@freebsd.org
X-Return-Path: PWarner@dibinst.mit.edu
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

the ipfw -f flush and other rules you list are only run if your rc.firewall
is run before you firewall.conf (or ipfw.rules).  for instance, in rc.conf:

firewall_enable="YES"
firewall_script="/etc/rc.firewall"
firewall_type="/etc/firewall.conf"

if you skip the call to rc.firewall, then you'll want to add the explicit
calls into ipfw.rules or firewall.conf.

Paul


----- Original Message -----
From: "Chris Appleton" <appleton_chris@yahoo.com>
To: <freebsd-questions@freebsd.org>
Sent: Thursday, December 20, 2001 4:04 PM
Subject: ipfw.rules


> Do I need to include 'ipfw flush' (is that correct or
> do I need add?) and the 00100 allow any to any via lo0
> and the deny 127.0.0.0 (00200, 00300) in my ipfw.rules
> file?  Or are they automatically run before ipfw.rules
> does?
>
> Thanks advance,
>
> __________________________________________________
> Do You Yahoo!?
> Check out Yahoo! Shopping and Yahoo! Auctions for all of
> your unique holiday gifts! Buy at http://shopping.yahoo.com
> or bid at http://auctions.yahoo.com
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message