Date: Wed, 15 Sep 2010 17:30:23 +0200 From: Gareth de Vaux <bsd@lordcow.org> To: Ian Smith <smithi@nimnet.asn.au> Cc: Brandon Gooch <jamesbrandongooch@gmail.com>, ipfw@freebsd.org Subject: Re: phantom rules Message-ID: <20100915153023.GA84975@lordcow.org> In-Reply-To: <20100915134357.A73353@sola.nimnet.asn.au> References: <20100909131733.GA21535@lordcow.org> <AANLkTikjBA4aBXJ1JO%2B28CkNmcbC4qYkcmueTQhPnA0J@mail.gmail.com> <20100915134357.A73353@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed 2010-09-15 (14:39), Ian Smith wrote: > Indeed, that's where these have come from (and Gareth, you DO want those > rules, including the ipv6_mandatory ones if running ipv6) I don't, because I run my own from my own file. (I'm not using ipv6 either). > but I suspect that you may have rather intended this to be: > > firewall_script="/usr/local/etc/firewall" Nope I intended it as before - firewall_type="<filename>", and my file is in the format you mention later, and it works, just preceded with that stuff I didn't ask for. The first line in /usr/local/etc/firewall for example is: add pass all from any to any via lo0 so I end up with 2 of these rules, plus that other stuff. So are there some variables I can set that disable this second-guessing behaviour?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100915153023.GA84975>