From owner-freebsd-questions  Fri Jun 29  9:35:53 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from camel.kdsi.net (camel.kdsi.net [206.103.113.218])
	by hub.freebsd.org (Postfix) with ESMTP id A7C4F37B401
	for <freebsd-questions@FreeBSD.ORG>; Fri, 29 Jun 2001 09:35:50 -0700 (PDT)
	(envelope-from tony@camel.kdsi.net)
Received: from camel.kdsi.net (leepcC-009.sub-c.lee.net [208.205.126.9])
	(authenticated (0 bits))
	by camel.kdsi.net (8.12.0.Beta10/8.12.0.Beta10) with ESMTP id f5TGcOKv098651;
	Fri, 29 Jun 2001 11:38:25 -0500 (CDT)
Message-ID: <3B3CAE1C.C6AFD3C8@camel.kdsi.net>
Date: Fri, 29 Jun 2001 11:34:36 -0500
From: Tony Wells <tony@camel.kdsi.net>
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Kelvin Ng Chee Hoong <nchee_hoong@pacific.net.sg>
Cc: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG>
Subject: Re: Add new entry of firewall
References: <3B3C48E9.736B8175@pacific.net.sg>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


Look at /etc/defaults/rc.conf for the firewall stuff.  Copy over the
lines you need to /etc/rc.conf.  I'm guessing you don't have the line in
there that tells what file to source for the firewall rules.

Kelvin Ng Chee Hoong wrote:
> 
> Hi ;
>    I've re-compiled to kernel to include IPFIREWALL options . The
> firewall is rejects all packets by default . As such , I've added new
> entry of firewall rule to allow certain sources allow forwarding to the
> specific destination. But when I reboot the system , my new entry of
> firewall rule disappear . It uses the default entry which rejects all
> packets after reboot. As such , I unable ssh to my FreeBSD when I reboot
> the system . I'm sure that I've enabled FIREWALL_ENABLE  in /etc/rc.conf
> 
>     My question , how do I save new entry to firewall table ? When I
> reboot the system , I want the firewall fetchs my added entry as part of
> firewall rule .
>     Please advise .
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message