From owner-freebsd-hackers Thu Apr 3 05:17:07 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id FAA21742 for hackers-outgoing; Thu, 3 Apr 1997 05:17:07 -0800 (PST) Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id FAA21733 for ; Thu, 3 Apr 1997 05:17:04 -0800 (PST) Message-Id: <199704031317.FAA21733@freefall.freebsd.org> Received: by cheops.anu.edu.au (1.37.109.16/16.2) id AA028673124; Thu, 3 Apr 1997 23:12:04 +1000 From: Darren Reed Subject: securelevel & IP filter To: hackers@freebsd.org Date: Thu, 3 Apr 1997 23:12:04 +1000 (EST) X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk I'm aware of the kernel recognising securelevel having a value of -1, 0, 1 or 2 and above but are there any plans for implementing something more than this ? It has been suggested that IP Filter disallow changes to filter rules if securelevel is set to some level...(I think 3 was the suggestion). However, before doing this, I want to poll people on whether they think three is appropriate, or should 10 be used (say) as a synonym for "firewall security level". Thoughts ? Darren