From owner-cvs-share Tue Sep 9 23:38:03 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA10903 for cvs-share-outgoing; Tue, 9 Sep 1997 23:38:03 -0700 (PDT) Received: from GndRsh.aac.dev.com (GndRsh.aac.dev.com [198.145.92.241] (may be forged)) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA10895; Tue, 9 Sep 1997 23:37:45 -0700 (PDT) Received: (from rgrimes@localhost) by GndRsh.aac.dev.com (8.8.5/8.7.3) id XAA18070; Tue, 9 Sep 1997 23:36:54 -0700 (PDT) From: "Rodney W. Grimes" Message-Id: <199709100636.XAA18070@GndRsh.aac.dev.com> Subject: Re: cvs commit: src/share/man/man4 ipfirewall.4 In-Reply-To: <199709100311.UAA29699@freefall.freebsd.org> from Peter Wemm at "Sep 9, 97 08:11:36 pm" To: peter@FreeBSD.ORG (Peter Wemm) Date: Tue, 9 Sep 1997 23:36:54 -0700 (PDT) Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-share@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL25 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-cvs-share@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > peter 1997/09/09 20:11:36 PDT > > Modified files: > share/man/man4 ipfirewall.4 > Log: > Mention IPFIREWALL_DEFAULT_TO_ACCEPT and it's effect on rule 65535. How about taking this one step further and actually allowing full and complete specification of the default rule. I really hate having to do this: 65534 0 0 deny log ip from any to any 65535 0 0 deny ip from any to any As often during a sh /etc/rc.firewall I get hits on the last one, and they didn't get logged :-(. -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation, Inc. Reliable computers for FreeBSD