From owner-freebsd-security Thu Oct 5 17:40:14 2000 Delivered-To: freebsd-security@freebsd.org Received: from jamus.xpert.com (jamus.xpert.com [199.203.132.17]) by hub.freebsd.org (Postfix) with ESMTP id 3416837B503 for ; Thu, 5 Oct 2000 17:40:09 -0700 (PDT) Received: from roman (helo=localhost) by jamus.xpert.com with local-esmtp (Exim 3.12 #5) id 13hLYW-0006Jx-00; Fri, 06 Oct 2000 02:40:08 +0200 Date: Fri, 6 Oct 2000 02:40:08 +0200 (IST) From: Roman Shterenzon To: Craig Cowen Cc: freebsd-security@FreeBSD.ORG Subject: Re: Default Deny In-Reply-To: <39DCBBE5.D547475A@allmaui.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 5 Oct 2000, Craig Cowen wrote: > I had a hell of a time finding this info when I first set up ipf. > obfusication.org has everything you need to know once you have it setup but > no precise setup info. > > Craig The ipfilter in freebsd seems cursed or abandoned. Example: this option is not documented. Another example: there're no hooks to start ipfilter from /etc/rc* eventhough there's PR: 20202 > Roman Shterenzon wrote: > > > On Fri, 6 Oct 2000, Darren Reed wrote: > > > > > In some mail from Craig Cowen, sie said: > > > > Would someone please remind me how to congif my kernel for default > > > > deny with ipfilter? > > > > > > options IPFILTER_DEFAULT_BLOCK > > > > Why isn't it mentioned in the LINT file? > > Neither in man pages I couldn't find it. > > Should I fill a PR? > > > > --Roman Shterenzon, UNIX System Administrator and Consultant > > [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > -- > Craig Cowen > 408-394-6673 Cell > craig-pager@allmaui.com > > > --Roman Shterenzon, UNIX System Administrator and Consultant [ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message