Date: Fri, 27 Feb 2004 23:25:47 +0200 From: Ion-Mihai Tetcu <itetcu@apropo.ro> To: freebsd-questions@freebsd.org Subject: Re: Firewall enabling confusion. Message-ID: <20040227232547.1cc0bc3c@it.buh.cameradicommercio.ro> In-Reply-To: <403FB332.7020200@ste-land.com> References: <20040227194414.835572B4DA7@mail.evilcoder.org> <403F9F4B.6080608@ste-land.com> <20040227132231.P2868@wonkity.com> <403FABE4.6050608@ste-land.com> <20040227231044.180055fa@it.buh.cameradicommercio.ro> <403FB332.7020200@ste-land.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 27 Feb 2004 16:14:26 -0500 "Shaun T. Erickson" <ste@ste-land.com> wrote: > Ion-Mihai Tetcu wrote: > > > hint: > > sysctl -a | grep ip.fw > > for logging do: > > sysctl -w net.inet.ip.fw.verbose: 1 > > sysctl -w net.inet.ip.fw.verbose_limit: 5 > > Ah. > > > see also man ipfw, it will answer your questions. > > I'm still wading through it - it's quite a long read. I'll finish before > asking anything else. ;) > > > AFAIK recompile with IPFW_DEFAUL_TO_ACCEPT, but it would be a bad thing. > > I don't disagree - I just wanted to know how. It helps me to understand > the system better. ;) ;) on ipfw2 you can suspend the last automatic deny all rule, see the man page. -- IOnut Unregistered ;) FreeBSD user
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040227232547.1cc0bc3c>