From owner-freebsd-current@FreeBSD.ORG Wed Aug 6 21:20:17 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E322E37B401 for ; Wed, 6 Aug 2003 21:20:17 -0700 (PDT) Received: from lightning.he.net (lightning.he.net [64.62.240.2]) by mx1.FreeBSD.org (Postfix) with SMTP id 7559A43FAF for ; Wed, 6 Aug 2003 21:20:17 -0700 (PDT) (envelope-from jmallett@landmarknetworks.com) Received: from [10.0.2.101] ([66.14.171.32]) by lightning.he.net for ; Wed, 6 Aug 2003 21:20:07 -0700 From: Juli Mallett To: freebsd-current@freebsd.org Content-Type: text/plain Organization: Landmark Networks Message-Id: <1060230124.65628.15.camel@sprout> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.3 Date: 06 Aug 2003 18:22:04 -1000 Content-Transfer-Encoding: 7bit Subject: ipfw - default to accept + bootp = confusion. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Aug 2003 04:20:18 -0000 Does someone have any idea what approach to take for the following scenario? I'm leaning towards a compile time failure, or an informative panic at the beginning of bootp... You have IPFIREWALL, but not the default to accept option, and you have BOOTP. The BOOTP stuff will fail in sosend with EACCESS (informatively printed as "13"), because of IPFW, and this may be slightly non-obvious to people who haven't dealt with early ipfw interference before. If not compile time failure / panic, I'd say probably we want some way to notify a user in general of ipfw stopping pre-init operation, but I don't want to add the concept of runlevels, and don't know if there's anything there currently to do detection of if we've hit that point yet. Thanx, juli. -- juli mallett