Date: Mon, 13 Jan 2003 00:19:54 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Pawel Jakub Dawidek <nick@garage.freebsd.pl> Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/sbin/ipfw ipfw.8 ipfw2.c Message-ID: <200301130819.h0D8JsJc001902@apollo.backplane.com> References: <200301120331.h0C3VA2H040455@repoman.freebsd.org> <20030113075934.GE9430@garage.freebsd.pl> <200301130807.h0D87urr001783@apollo.backplane.com> <20030113081749.GF9430@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
:Exactly, but: : :SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, enable, CTLFLAG_RW, : &fw_enable, 0, "Enable ipfw"); : :So where are adequate checks? :I haven't check, but it looks like we can manipulate net.inet.ip.fw.enable :even if securelevel >=3D 3. Am I wrong? : :--=20 :Pawel Jakub Dawidek :UNIX Systems Administrator You are looking at the old ipfw code. Look at the sysctl's in ip_fw2.c instead. Either way it is not really relevant to my commit, I didn't make any changes to the IPFW kernel code, only to the userland program. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301130819.h0D8JsJc001902>