From owner-freebsd-ipfw@FreeBSD.ORG Tue Apr 3 07:07:19 2007 Return-Path: X-Original-To: ipfw@freebsd.org Delivered-To: freebsd-ipfw@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AD5A916A406 for ; Tue, 3 Apr 2007 07:07:19 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outI.internet-mail-service.net (outI.internet-mail-service.net [216.240.47.232]) by mx1.freebsd.org (Postfix) with ESMTP id 988A913C4BE for ; Tue, 3 Apr 2007 07:07:19 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Mon, 02 Apr 2007 23:37:36 -0700 Received: from [192.168.2.5] (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 74EC3125ADD; Tue, 3 Apr 2007 00:07:18 -0700 (PDT) Message-ID: <4611FD25.3090107@elischer.org> Date: Tue, 03 Apr 2007 00:07:17 -0700 From: Julian Elischer User-Agent: Thunderbird 1.5.0.10 (Macintosh/20070221) MIME-Version: 1.0 To: Sean McNeil References: <001601c7755d$79cf1010$07e90b93@ferrari> <8207a8df0704021959x18ddcd6fud43a1422da78d4f3@mail.gmail.com> <001201c7759e$985f1840$3200010a@ferrari> In-Reply-To: <001201c7759e$985f1840$3200010a@ferrari> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: ProtectNet , ipfw@freebsd.org Subject: Re: bad test in /etc/rc.d/ip6fw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2007 07:07:19 -0000 Sean McNeil wrote: > Hi Henrique, > >> For Firewall in IPV6 enable in kernel >> >> options IPV6FIREWALL # Enable ipfirewall(4) for ipv6 >> options IPV6FIREWALL_VERBOSE # Enable log's in syslogd(4) >> options IPV6FIREWALL_VERBOSE_LIMIT=100 # Set limite in syslogd in 100 >> registers >> options IPV6FIREWALL_DEFAULT_TO_ACCEPT # Enable default Open Firewall >> >> And sorry my poor english :p > > No problem. You miss my point, however. I have none of these in my > kernel config yet I have net.inet6.ip6.fw.enable defined. This prevents > the /etc/rc.d/ip6fw script from kldload'ing the appropriate module. So > either the code that creates the kernel parameter or the script needs to > be changed so that they work in tandem. my bad fixing asap the one in ipfw will be named differently. > >> Henrique Mattos >> >> 2007/4/2, Sean McNeil : >>> I just noticed that ip6fw isn't loading the ip6fw kernel module >>> because my kernel somehow already has the sysctl value in it. This >>> is FreeBSD -STABLE and I have the following in my kernel: >>> >>> options INET # InterNETworking >>> options INET6 # IPv6 communications protocols >>> >>> options IPFIREWALL >>> options IPFIREWALL_FORWARD >>> options IPDIVERT >>> options DUMMYNET >>> >>> net.inet6.ip6.fw.enable managed to get in the kernel. >>> >>> Cheers, >>> Sean >>> _______________________________________________ >>> freebsd-ipfw@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >>> >> >> > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"