Date: Thu, 6 Mar 2003 16:13:20 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Josh Brooks <user@mail.econolodgetulsa.com> Cc: freebsd-questions@freebsd.org Subject: Re: loading ipfw module without default-deny Message-ID: <20030306161029.R65460-100000@cactus.fi.uba.ar> In-Reply-To: <20030306031748.W94847-100000@mail.econolodgetulsa.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 6 Mar 2003, Josh Brooks wrote: > > Hello, > > I want to: > > kldload ipfw.ko > > but I am not near the physical machine, and cannot type in an allow rule > after loading the module - by default all traffic will be denied. > > How can I load the ipfw.ko module but not knock myself off the network ? > > My only thought was to put an `ipfw add` rule into a cron job to run one > minute after I load the module, but that seems silly :) Try this: # cd /sys/modules/ipfw edit Makefile and uncomment the line: #CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT Then 'make; make install' you may have to do a 'make clean' before is you already compiled the module. After that, you'll have a ipfw.ko with a default accept policy. Hope this helps Fer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030306161029.R65460-100000>