From owner-freebsd-questions@FreeBSD.ORG Mon Jun 2 06:52:49 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EF5FD37B401 for ; Mon, 2 Jun 2003 06:52:48 -0700 (PDT) Received: from fsbsd.thefsb.org (dsl092-074-154.bos1.dsl.speakeasy.net [66.92.74.154]) by mx1.FreeBSD.org (Postfix) with SMTP id 9CCB943F85 for ; Mon, 2 Jun 2003 06:52:47 -0700 (PDT) (envelope-from fsb@thefsb.org) Received: (qmail 15169 invoked from network); 2 Jun 2003 13:54:33 -0000 Received: from unknown (HELO ?66.92.74.156?) (66.92.74.156) by dsl092-074-154.bos1.dsl.speakeasy.net with SMTP; 2 Jun 2003 13:54:33 -0000 User-Agent: Microsoft-Entourage/10.1.1.2418 Date: Mon, 02 Jun 2003 09:52:46 -0400 From: tom worster To: freebsd questions Message-ID: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: IP packet filtering enabled in GENERIC? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 13:52:49 -0000 i installed 4.8-release from the disk 1 iso yesterday, built a new kernel with "cpu I586_CPU" and "options IPFIREWALL" and a couple of other things and turned on firewall_enable="YES" with firewall_type="OPEN" in rc.conf. the new kernel panicked (i don't know why) so i booted kernel.old (i.e. the GENERIC binary off the iso with a modification date of april 3rd) and noted that dmesg now shows: "IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled" and indeed the filter is working and ipfw controls it. what's going on? i thought that the packet filter was disabled in GENERIC. was this a side effect of compiling my (broken) custom kernel and installing all those .ko files in /modules? c u fsb