From owner-freebsd-current  Mon Aug 24 00:48:53 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA11437
          for freebsd-current-outgoing; Mon, 24 Aug 1998 00:48:53 -0700 (PDT)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from mail.cybcon.com (mail.cybcon.com [205.147.64.46])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA11432
          for <freebsd-current@FreeBSD.ORG>; Mon, 24 Aug 1998 00:48:52 -0700 (PDT)
          (envelope-from wwoods@cybcon.com)
Received: from support1.cybcon.com (william@support1.cybcon.com [205.147.76.99])
	by mail.cybcon.com (8.9.0/8.9.0) with ESMTP id AAA16227;
	Mon, 24 Aug 1998 00:48:03 -0700 (PDT)
Message-ID: <XFMail.980824004759.wwoods@cybcon.com>
X-Mailer: XFMail 1.3 [p0] on FreeBSD
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <19980824093037.55193@deepo.prosa.dk>
Date: Mon, 24 Aug 1998 00:47:59 -0700 (PDT)
Reply-To: wwoods@cybcon.com
From: William Woods <wwoods@cybcon.com>
To: Philippe Regnauld <regnauld@deepo.prosa.dk>
Subject: Re: Firewall Rules are weird.....look at this...in current....
Cc: FreebSD Current <freebsd-current@FreeBSD.ORG>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I just copied it out of LINT.....

On 24-Aug-98 Philippe Regnauld wrote:
> William Woods writes:
>> 
>> I just compiled todays cvsup of current and all is fine except this. Here is
>> a
>> portion of my firewall rules:
>> 
>> -------------------------------------
>> 00100 allow ip from any to any via lo0
>> 00200 deny ip from any to 127.0.0.0/8
>> 65000 allow ip from any to any
>> 65535 allow ip from any to any
>> 00000 deny ip from any to any
>> 00000 deny ip from any to any
> 
>       [...]
>> options         IPFIREWALL              #firewall
>> options         IPFIREWALL_VERBOSE      #print information about
>>                                         # dropped packets
>> options         IPFIREWALL_FORWARD      #enable xparent proxy support
>> options         "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
>> options         IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
>> options         IPDIVERT                #divert sockets
>> options         IPFILTER                #kernel ipfilter support
>> options         IPFILTER_LOG            #ipfilter logging
>> #options        IPFILTER_LKM            #kernel support for ip_fil.o LKM
> 
>       Why do you have both IPFILTER and IPFW ?
> 
> -- 
>  -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
> 
>                The Internet is busy.  Please try again later.


---------------------
William Woods <wwoods@cybcon.com> 
Date: 24-Aug-98 / Time: 00:44:13
goto to: http//www.freebsd.org. 
--> FreeBSD 3.0 CURRENT <--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message