Date: Fri, 1 Mar 2002 10:00:04 -0800 (PST) From: "Crist J. Clark" <crist.clark@attbi.com> To: freebsd-bugs@FreeBSD.org Subject: Re: conf/35178: ipfilter for IPV6 not availlable in rc.* Message-ID: <200203011800.g21I04i13911@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR conf/35178; it has been noted by GNATS.
From: "Crist J. Clark" <crist.clark@attbi.com>
To: Jeremy Norris <ishmael27x@yahoo.com>
Cc: FreeBSD-gnats-submit@FreeBSD.org
Subject: Re: conf/35178: ipfilter for IPV6 not availlable in rc.*
Date: Fri, 1 Mar 2002 09:59:30 -0800
On Fri, Mar 01, 2002 at 11:19:18AM -0600, Jeremy Norris wrote:
> On Fri, Mar 01, 2002 at 08:37:05AM -0800, Crist J. Clark wrote:
> > The problem with that is ipfilter_active would not be available at
> > this point. It is local to the network_pass1() function in
> > rc.network. It is possible to make it global, but very kludgey,
> > passing data between the scripts in that way. In my scripts, I've just
> > dropped the flush completely. It doesn't really seem all that
> > necessary to me.
>
> Except it will flush all your ipv4 rules, leaving you with either all ipv4
> passed in and out or all blocked in and out if you compiled with
> IPFILTER_DEFAULT_BLOCK.
Huh? I said "I've dropped the flush completely."
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203011800.g21I04i13911>