Date: Thu, 2 Jan 2003 19:20:45 +0000 From: Ceri Davies <setantae@submonkey.net> To: Nick Rogness <nick@rogness.net> Cc: Lucky Green <shamrock@cypherpunks.to>, l.rizzo@iet.unipi.it, doc@FreeBSD.ORG Subject: Re: IPFW: suicidal defaults Message-ID: <20030102192045.GB1145@submonkey.net> In-Reply-To: <20030102120754.P4054-100000@skywalker.rogness.net> References: <003101c2b28f$f2b0b690$6601a8c0@VAIO650> <20030102120754.P4054-100000@skywalker.rogness.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jan 02, 2003 at 12:12:38PM -0700, Nick Rogness wrote: > > Ummm, unless things have changed, just recompiling the kernel with > 'options IPFIREWALL' won't enable your firewall. You need the > corresponding option in /etc/rc.conf : > > firewall_enable="YES" Nope - that tells it whether to load the ruleset (and ipfw.ko) or not. If you've compiled ipfw as a module, then not having firewall_enable set to YES is enough to not load the firewall, but if you've compiled it into your kernel and don't load any rules, then you just get the default rule. Ceri -- By the forge of the clan! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030102192045.GB1145>