From owner-freebsd-virtualization@FreeBSD.ORG  Fri Mar 21 08:46:02 2014
Return-Path: <owner-freebsd-virtualization@FreeBSD.ORG>
Delivered-To: freebsd-virtualization@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 9295977A
 for <freebsd-virtualization@freebsd.org>; Fri, 21 Mar 2014 08:46:02 +0000 (UTC)
Received: from frv198.fwdcdn.com (frv198.fwdcdn.com [212.42.77.198])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4572EBD7
 for <freebsd-virtualization@freebsd.org>; Fri, 21 Mar 2014 08:46:01 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ukr.net;
 s=ffe; 
 h=Content-Transfer-Encoding:Content-Type:MIME-Version:References:In-Reply-To:Message-Id:Cc:To:Subject:From:Date;
 bh=nv6MqQkNpIgahObvaWj5GL3BfM/091CWUZTFs1+NAnM=; 
 b=V4vnec5dOH9cpFAyA/mwEptKAi1Car5kczCRLraMaL39t2q+uKqZ+4fG/kzZ32+hm8fAKUYm5i0EBCL+d6rp5OZ6mT3K28r+8ah7wvLiO3K6LTR1Ms88+tg6zjddDbwT/M72FovSuOzCPozN3h+mYJjp5+yYdAFSES+lV24YJz4=;
Received: from [10.10.10.34] (helo=frv34.fwdcdn.com)
 by frv198.fwdcdn.com with smtp ID 1WQv5M-0003kq-5q
 for freebsd-virtualization@freebsd.org; Fri, 21 Mar 2014 10:45:52 +0200
Date: Fri, 21 Mar 2014 10:45:51 +0200
From: wishmaster <artemrts@ukr.net>
Subject: Re[2]: misc/187665: unable to disable IPFW with VIMAGE
To: "Andrey V. Elsukov" <ae@freebsd.org>
X-Mailer: mail.ukr.net 5.0
Message-Id: <1395391117.294356046.7txcun6f@frv34.fwdcdn.com>
In-Reply-To: <532BF77D.6070007@FreeBSD.org>
References: <532BF77D.6070007@FreeBSD.org>
MIME-Version: 1.0
Received: from artemrts@ukr.net by frv34.fwdcdn.com;
 Fri, 21 Mar 2014 10:45:51 +0200
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: binary
Content-Disposition: inline
Cc: freebsd-virtualization@freebsd.org, bug-followup@freebsd.org
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
 <freebsd-virtualization.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Mar 2014 08:46:02 -0000



 
 --- Original message ---
 From: "Andrey V. Elsukov" <ae@freebsd.org>
 Date: 21 March 2014, 10:26:23
  


> Hello,
> 
> please, check the securelevel in your jail. What value does it have?
> 
  I use securelevel 2 (in jail only. In host - default), but securelevel does not impact to net.inet.ip.fw.enable at all, because this OID is absent in base system too.
This happens only if options VIMAGE present in kernel!

Cheers,
Vitaliy