From owner-freebsd-current Fri Feb 1 23:57:18 2002 Delivered-To: freebsd-current@freebsd.org Received: from midway.uchicago.edu (midway.uchicago.edu [128.135.12.12]) by hub.freebsd.org (Postfix) with ESMTP id B2D1E37B405 for ; Fri, 1 Feb 2002 23:57:15 -0800 (PST) Received: from there (adsl-65-42-81-229.dsl.chcgil.ameritech.net [65.42.81.229]) by midway.uchicago.edu (8.11.6/8.11.6) with SMTP id g127vDg12497; Sat, 2 Feb 2002 01:57:13 -0600 (CST) Message-Id: <200202020757.g127vDg12497@midway.uchicago.edu> Content-Type: text/plain; charset="iso-8859-1" From: David Syphers Reply-To: charon@seektruth.org To: "M. Warner Losh" Subject: Re: firewall_enable Date: Sat, 2 Feb 2002 01:57:13 -0600 X-Mailer: KMail [version 1.3.2] References: <20020202005621.841F4406A@i8k.babbleon.org> <20020202033112.5490F406A@i8k.babbleon.org> <20020201.225650.39719656.imp@village.org> In-Reply-To: <20020201.225650.39719656.imp@village.org> Cc: current@FreeBSD.ORG MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Friday 01 February 2002 11:56 pm, M. Warner Losh wrote: > Actually, there's a simple way around this that is failsafe. > > firewall_enable=YES What it deos now > =NO Wide open > =FAILSAFE Defaults to wired down. Before the discussion on -stable degenerated, there were several calls for making this variable tri-state. It definitely seems like the best solution. Now that this is on -current and we have something concrete, maybe it can get committed :) -David To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message