Date: Mon, 28 Jan 2002 14:12:38 -0700 From: Chad David <davidc@acns.ab.ca> To: "Jacques A. Vidrine" <n@nectar.cc> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: firewall config (CTFM) Message-ID: <20020128141238.H66369@colnta.acns.ab.ca> In-Reply-To: <20020128210128.GG42996@madman.nectar.cc>; from n@nectar.cc on Mon, Jan 28, 2002 at 03:01:28PM -0600 References: <B95B566BD245174196CA4EE29E5818831B6469@HEXCH01.robhughes.com> <20020128113806.O95859-100000@rockstar.stealthgeeks.net> <20020128132015.A66369@colnta.acns.ab.ca> <20020128203640.GB42996@madman.nectar.cc> <20020128134717.F66369@colnta.acns.ab.ca> <20020128210128.GG42996@madman.nectar.cc>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 28, 2002 at 03:01:28PM -0600, Jacques A. Vidrine wrote: > On Mon, Jan 28, 2002 at 01:47:17PM -0700, Chad David wrote: > > On Mon, Jan 28, 2002 at 02:36:40PM -0600, Jacques A. Vidrine wrote: > > > On Mon, Jan 28, 2002 at 01:20:15PM -0700, Chad David wrote: > > > > One of the things I would recommend documenting very clearly is that > > > > you DO NOT NEED TO COMPILE IPFW INTO THE KERNEL. > > > > > > Except if you want to default to deny, you must [1]. The rc system > > > loads the firewall after configuring your interfaces. This may be a > > > bug. > > > > Hmmm, possibly. But given that this is exactly the behavior that is > > being argued for I'm not sure I'd call it a bug. > > I'm not sure you understood what I meant (I should have written > `firewall module' rather than `firewall' above). It could be called a > bug for network interfaces to be activated before the network security > policy has been set. Yes, I understood you... its was I who was unclear. Basically I was agree with you :). -- Chad David davidc@acns.ab.ca www.FreeBSD.org davidc@freebsd.org ACNS Inc. Calgary, Alberta Canada Fourthly, The constant breeders, beside the gain of eight shillings sterling per annum by the sale of their children, will be rid of the charge of maintaining them after the first year. - Johnathan Swift To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020128141238.H66369>