From owner-freebsd-questions@FreeBSD.ORG  Tue Nov  6 14:15:16 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B07CD16A41A;
	Tue,  6 Nov 2007 14:15:16 +0000 (UTC)
	(envelope-from ecrist@secure-computing.net)
Received: from snipe.secure-computing.net (snipe.secure-computing.net
	[209.240.66.149])
	by mx1.freebsd.org (Postfix) with ESMTP id 8C07013C4B8;
	Tue,  6 Nov 2007 14:15:15 +0000 (UTC)
	(envelope-from ecrist@secure-computing.net)
Received: from swordfish.local.claimlynx.com (unknown [74.95.66.25])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: ecrist@secure-computing.net)
	by snipe.secure-computing.net (Postfix) with ESMTP id EDB9617043;
	Tue,  6 Nov 2007 08:15:01 -0600 (CST)
Message-Id: <0F869E5F-EF2C-468A-BF14-960E59159F32@secure-computing.net>
From: Eric F Crist <ecrist@secure-computing.net>
To: Andrey V. Elsukov <bu7cher@yandex.ru>
In-Reply-To: <47306CD0.7030301@yandex.ru>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v912)
Date: Tue, 6 Nov 2007 08:15:00 -0600
References: <F23889F8-D6A6-4741-9D05-A60DE5D20967@secure-computing.net>
	<473009B2.40406@yandex.ru>
	<4C884976-8734-4112-8520-2E30893C0BE3@secure-computing.net>
	<47306CD0.7030301@yandex.ru>
X-Mailer: Apple Mail (2.912)
Cc: freebsd-net@freebsd.org, User Questions <freebsd-questions@freebsd.org>
Subject: Re: IPFW/Divert problem...
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Nov 2007 14:15:16 -0000

On Nov 6, 2007, at 7:32 AM, Andrey V. Elsukov wrote:

> Eric F Crist wrote:
>> firewall_enable="YES"
>> firewall_script="/etc/ipfw.sh"
>> FWIW, ipfw.sh ONLY has count rules it it.  There isn't any NAT/etc  
>> going on here.  Also, IPFW was compiled with DEFAULT TO ACCEPT,  
>> since I'm not really using it for anything other than accounting.
>
> In the your /etc/ipfw.sh script you should use "-f" flag when you run
> ipfw flush command.


I am, but that has nothing to do with my problem.  My problem is that,  
during system boot, I'm asked the following question:

Loading divert daemons Are you sure? [yn]:

The system sits there indefinitely until the question is answered.  I  
need this to go away.
-----
Eric F Crist
Secure Computing Networks