From owner-freebsd-stable@FreeBSD.ORG Fri Feb 17 21:00:36 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C94F16A47C for ; Fri, 17 Feb 2006 21:00:36 +0000 (GMT) (envelope-from rhelmus@gmail.com) Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.202]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8325143D45 for ; Fri, 17 Feb 2006 21:00:35 +0000 (GMT) (envelope-from rhelmus@gmail.com) Received: by nproxy.gmail.com with SMTP id y25so343190nfb for ; Fri, 17 Feb 2006 13:00:34 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=O5FEAK0dNHg0psUDJO5JfrKVyoB0IU0B7zcjQqBoNazJ89vCqJLo4gkZkRVFQwvHPikNZIqXkFiNVXUfmoPxlxp++fR2/HY7RuaCOVJEQ/rAhCr4BAoOeKC0CSMG4aoVVtgDyrenhkAjfWPI4gC4c3B46LBezkCPIW3No6WDIKg= Received: by 10.48.42.2 with SMTP id p2mr546271nfp; Fri, 17 Feb 2006 13:00:33 -0800 (PST) Received: by 10.49.28.13 with HTTP; Fri, 17 Feb 2006 13:00:33 -0800 (PST) Message-ID: Date: Fri, 17 Feb 2006 21:00:33 +0000 From: "Rick Helmus" To: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Ignoring firewall startup scripts X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Feb 2006 21:00:37 -0000 Hello all, Today I upgraded to stable 6.1. Everything went successfull, however when I booted I found out that I lost internet. I have the following IPFW options in my kernel: options IPFIREWALL options IPDIVERT options IPFIREWALL_FORWARD rc.conf: hostname=3D"Rick-FBSD.lan" ifconfig_rl0=3D"DHCP" ipv6_enable=3D"NO" linux_enable=3D"YES" gateway_enable=3D"YES" firewall_enable=3D"YES" firewall_script=3D"/etc/rc.firewall" firewall_type=3D"open" #ipv6_firewall_enable=3D"YES" #ipv6_firewall_type=3D"OPEN" natd_enable=3D"YES" natd_interface=3D"rl0" natd_flags=3D"" moused_enable=3D"NO" moused_type=3D"NO" saver=3D"daemon" usbd_enable=3D"YES" #samba_enable=3D"YES" #cupsd_enable=3D"YES" vpnbridge_enable=3D"NO" #allscreens_flags=3D"MODE_280" After typing 'ipfw list' I found out there was onlyone rule (65535) was about blocking anything. This is the default afaik. Before upgrading I had some other rules too (simply using the "open" IPFW firewall type from rc.firewall). So I'm assuming the ipfw scripts aren't called anymore? I modified the kernel to allow anything by default so I got inet again, but if anyone know a better solution... :) Cheers, Rick