From owner-freebsd-questions  Thu May 24 22:41: 4 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55])
	by hub.freebsd.org (Postfix) with ESMTP id 478C437B422
	for <questions@FreeBSD.ORG>; Thu, 24 May 2001 22:41:02 -0700 (PDT)
	(envelope-from DougB@DougBarton.net)
Received: from DougBarton.net (master [10.0.0.2])
	by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id WAA20914;
	Thu, 24 May 2001 22:40:41 -0700 (PDT)
	(envelope-from DougB@DougBarton.net)
Message-ID: <3B0DF059.E6E69428@DougBarton.net>
Date: Thu, 24 May 2001 22:40:41 -0700
From: Doug Barton <DougB@DougBarton.net>
Organization: Triborough Bridge & Tunnel Authority
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Ted Mittelstaedt <tedm@toybox.placo.com>
Cc: Steve Price <steve@havk.org>, questions@FreeBSD.ORG
Subject: Re: reloading firewall rules remotely
References: <000101c0e4d6$7f73be80$1401a8c0@tedm.placo.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Ted Mittelstaedt wrote:

> But, most security authorities feel that the explicit deny is
> much safer for an Internet firewall.  Keep this in mind when
> creating your rule set.

Hmmm.... I thought I allowed for this possibility in my post, but thank you
for beating it thoroughly to death.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message