Date: Tue, 29 Jan 2002 01:48:07 -0500 (EST) From: Richard Glidden <rglidden@zaphod.wox.org> To: Gerhard Sittig <Gerhard.Sittig@gmx.net> Cc: stable@FreeBSD.ORG Subject: Re: Firewall config non-intuitiveness Message-ID: <20020129014002.X11997-100000@charon.acheron.localnet> In-Reply-To: <20020129004415.F1494@shell.gsinet.sittig.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Jan 2002, Gerhard Sittig wrote:
> Huh? `uname -sr` please! :) You must have been in front of a
> different system.
> I haven't seen anything different from
>
> firewall_enable
> (bool) Set to ``YES'' to load firewall rules at startup.
> If the kernel was not built with IPFIREWALL, the ipfw ker-
> nel module will be loaded. See also ipfilter_enable.
rglidden@charon:~$ uname -sr
FreeBSD 4.4-RELEASE-p4
rglidden@charon:~$ man rc.conf
[... skip down a bit ...]
firewall_enable
(bool) Set to ``NO'' if you do not want have firewall rules
loaded at startup, or ``YES'' if you do. If set to ``YES'', and
the kernel was not built with IPFIREWALL, the ipfw kernel module
will be loaded. See also ipfilter_enable.
I wouldn't be surprised if the "NO" part was removed since 4.4-RELEASE,
since the sentence you quoted is a bit more concise. But in the interests
of clarity, a NO section really should be added back, which describes the
interaction with NO & IPFIREWALL in the kernel config, IMO.
- Richard
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020129014002.X11997-100000>