From owner-freebsd-arch@FreeBSD.ORG  Tue Jul 22 02:10:30 2003
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 8DC8E37B409; Tue, 22 Jul 2003 02:10:30 -0700 (PDT)
Received: from mail.broadpark.no (mail.broadpark.no [217.13.4.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 609B643FB1; Tue, 22 Jul 2003 02:10:29 -0700 (PDT)
	(envelope-from des@des.no)
Received: from smtp.des.no (37.80-203-228.nextgentel.com [80.203.228.37])
	by mail.broadpark.no (Postfix) with ESMTP
	id 2702B78D9A; Tue, 22 Jul 2003 11:10:28 +0200 (MEST)
Received: by smtp.des.no (Pony Express, from userid 666)
	id C0C379605F; Tue, 22 Jul 2003 11:10:27 +0200 (CEST)
Received: from dwp.des.no (dwp.des.no [10.0.0.4])
	by smtp.des.no (Pony Express) with ESMTP
	id C719195938; Tue, 22 Jul 2003 11:10:22 +0200 (CEST)
Received: by dwp.des.no (Postfix, from userid 2602)
	id 82974B822; Tue, 22 Jul 2003 11:10:22 +0200 (CEST)
To: obrien@FreeBSD.org
References: <20030719171138.GA86442@dragon.nuxi.com>
	<XFMail.20030721151553.jhb@FreeBSD.org>
	<20030721202314.GC21068@dragon.nuxi.com>
From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=)
Date: Tue, 22 Jul 2003 11:10:22 +0200
In-Reply-To: <20030721202314.GC21068@dragon.nuxi.com> (David O'Brien's
 message of "Mon, 21 Jul 2003 13:23:14 -0700")
Message-ID: <xzpn0f76i69.fsf@dwp.des.no>
User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, hits=-3.0 required=8.0
	tests=EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,
	      REPLY_WITH_QUOTES,USER_AGENT_GNUS_UA
	version=2.55
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
cc: John Baldwin <jhb@FreeBSD.org>
cc: freebsd-arch@FreeBSD.org
Subject: Re: Things to remove from /rescue
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Jul 2003 09:10:31 -0000

"David O'Brien" <obrien@FreeBSD.org> writes:
> If I did need to get to the Internet to get bits, what does ipfw do
> for me that "sysctl net.inet.ip.fw.enable=3D0" doesn't?

ipfw -q flush
ipfw add pass ip from any to any via lo0
ipfw add check-state
ipfw add pass udp from me to any domain,ntp out keep-state
ipfw add pass tcp from me to any out setup keep-state
ipfw add deny all from any to any

DES
--=20
Dag-Erling Sm=F8rgrav - des@des.no