From owner-freebsd-questions  Thu Mar  6  7:22: 0 2003
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6156737B401
	for <FreeBSD-questions@FreeBSD.org>; Thu,  6 Mar 2003 07:21:59 -0800 (PST)
Received: from Danovitsch.dnsq.org (b74143.upc-b.chello.nl [212.83.74.143])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9A56A43FDF
	for <FreeBSD-questions@FreeBSD.org>; Thu,  6 Mar 2003 07:21:57 -0800 (PST)
	(envelope-from Danovitsch@Danovitsch.dnsq.org)
Received: from FreeBSD.Danovitsch.LAN (b83007.upc-b.chello.nl [212.83.83.7])
	by Danovitsch.dnsq.org (8.12.3/8.11.3) with ESMTP id h26FHVcg010937;
	Thu, 6 Mar 2003 16:17:31 +0100 (CET)
	(envelope-from Danovitsch@Danovitsch.dnsq.org)
Content-Type: text/plain;
  charset="iso-8859-1"
From: "Daan Vreeken [PA4DAN]" <Danovitsch@Danovitsch.dnsq.org>
To: Josh Brooks <user@mail.econolodgetulsa.com>
Subject: Re: loading ipfw module without default-deny
Date: Thu, 6 Mar 2003 16:23:26 +0100
User-Agent: KMail/1.4.3
References: <20030306031748.W94847-100000@mail.econolodgetulsa.com>
In-Reply-To: <20030306031748.W94847-100000@mail.econolodgetulsa.com>
Cc: FreeBSD-questions@FreeBSD.org
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-Id: <200303061623.26871.Danovitsch@Danovitsch.dnsq.org>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Thursday 06 March 2003 12:19, Josh Brooks wrote:
> Hello,
>
> I want to:
>
> kldload ipfw.ko
>
> but I am not near the physical machine, and cannot type in an allow rul=
e
> after loading the module - by default all traffic will be denied.
> How can I load the ipfw.ko module but not knock myself off the network =
?

try this :

kldload ipfw.ko ; ipfw add 50000 allow ip from any to any
or even better :
kldload ipfw.ko ; sh /etc/rc.firewall

> My only thought was to put an `ipfw add` rule into a cron job to run on=
e
> minute after I load the module, but that seems silly :)

grtz,
Daan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message