From owner-freebsd-stable Tue Jan 29 17:14:20 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mailf.telia.com (mailf.telia.com [194.22.194.25]) by hub.freebsd.org (Postfix) with ESMTP id 6B84337B400 for ; Tue, 29 Jan 2002 17:13:56 -0800 (PST) Received: from d1o913.telia.com (d1o913.telia.com [195.252.44.241]) by mailf.telia.com (8.11.6/8.11.6) with ESMTP id g0U1Dsj04110 for ; Wed, 30 Jan 2002 02:13:54 +0100 (CET) Received: from falcon.midgard.homeip.net (h185n2fls20o913.telia.com [212.181.163.185]) by d1o913.telia.com (8.8.8/8.8.8) with SMTP id CAA10737 for ; Wed, 30 Jan 2002 02:13:54 +0100 (CET) Received: (qmail 99653 invoked by uid 1001); 30 Jan 2002 01:13:50 -0000 Date: Wed, 30 Jan 2002 02:13:49 +0100 From: Erik Trulsson To: Siegbert Baude Cc: freebsd-stable@freebsd.org Subject: Re: Summary: Problems and Proposals of firewall_enable (was: Re: firewall config (CTFM)) Message-ID: <20020130011347.GA99635@student.uu.se> Mail-Followup-To: Siegbert Baude , freebsd-stable@freebsd.org References: <15445.37204.693732.376471@caddis.yogotech.com> <20020128150458.E10891-100000@charon.acheron.localnet> <15445.46625.765383.179068@caddis.yogotech.com> <20020128223911.GA7080@rhadamanth> <008001c1a877$091c2aa0$4011a8c0@whwurm.uniulm.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <008001c1a877$091c2aa0$4011a8c0@whwurm.uniulm.de> User-Agent: Mutt/1.3.25i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Jan 29, 2002 at 04:42:54AM +0100, Siegbert Baude wrote: > > Problem 4: > Maybe only my ignorance, because I never did it: How do I find out > before reboot, if IPFIREWALL is compiled in my kernel, if the relevant > config file is not there, e.g. on very stripped installations, where > make buildworld/-kernel is done on external machines? We all know the > lack of documentation in the real admin's world. Verbal heritage between > admin generations is sometimes suboptimal, too. > Don't forget compiling kernel with IPFIREWALL to be the recommended way, > as someone mentioned in this thread! So this should be found in numerous > computers. kldstat -v | grep ipfw should do the trick. (To differ between if ipfw is compiled into the kernel directly or has been loaded as a module you will probably have to look at the output of 'kldstat -v' manually. (Or write a smarter program to check the output.)) -- Erik Trulsson ertr1013@student.uu.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message