Date: Tue, 29 Jan 2002 15:31:02 -0600 From: "Mike Meyer" <mwm-dated-1012771863.1eab52@mired.org> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: "Freebsd-Stable" <freebsd-stable@FreeBSD.ORG> Subject: Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read] Message-ID: <15447.5270.719716.953800@guru.mired.org> In-Reply-To: <200201292106.g0TL6T748013@apollo.backplane.com> References: <SQ5323WMGH94GE51S204VULSNEA.3c56fdd9@VicNBob> <200201292106.g0TL6T748013@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Dillon <dillon@apollo.backplane.com> types: > Simple, obvious, straightforward. All this other crap about having to > specify firewall_ options one way if you have the firewall compiled in > and another way if you don't is, well, crap. /etc/rc.conf should work > the same no matter how the kernel is compiled. /etc/rc.conf *does* work the same way no matter how the kernel is compiled. If you set firewall_enable=YES, it makes sure that ipfw is available, then loads your firewall rules. If you set firewall_enable=NO, it doesn't do anything at all. Of course, if you think "firewall_enable=NO" means you should be able to get to the system over the network "no matter how the kernel is compiled", how are you going to make it work if the kernel was compiled without the INET option? <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15447.5270.719716.953800>