Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 26 Oct 2000 13:36:40 -0700
From:      Glen Gross <ggross@symark.com>
To:        "'Bill Fumerola'" <billf@chimesnet.com>
Cc:        "'FreeBSD-Current'" <freebsd-current@freebsd.org>
Subject:   RE: ipfw question.
Message-ID:  <01C03F51.C66C48A0.ggross@symark.com>
next in thread | raw e-mail | index | archive | help 
Thanks, I suppose I should have been able to figure that one out... if I could 
log in!  I will fix it when I get home.  :-)

On Thursday, October 26, 2000 1:32 PM, Bill Fumerola [SMTP:billf@chimesnet.com] 
wrote:
> On Thu, Oct 26, 2000 at 01:31:03PM -0700, Glen Gross wrote:
> >
> > I built a 4.1.1 kernel, and the module was built, but when I load the ipfw
> > module with
> >
> > #kldload ipfw
> >
> > it defaults to a deny_all policy, even though I have default_to_accept in 
my
> >
> > kernel configuration.
> > This makes it difficult to configure remotely without getting locked out of
> > the
> > system.
> > Is there a way to cause the ipfw module to default to a different policy
> > upon
> > loading?
> > For now it appears that I am locked out, until I can access the console.
>
> Your kernel configuration has ABSOLUTLY NOTHING to do with your module 
builds.
>
>
> [hawk-billf] /usr/src > cat sys/modules/ipfw/Makefile
> # $FreeBSD: src/sys/modules/ipfw/Makefile,v 1.13 2000/05/27 01:13:50 peter 
Exp
> $
>
> .PATH:  ${.CURDIR}/../../netinet
> KMOD=   ipfw
> SRCS=   ip_fw.c
> NOMAN=
> CFLAGS+= -DIPFIREWALL
> #
> #If you want it verbose
> #CFLAGS+= -DIPFIREWALL_VERBOSE
> #CFLAGS+= -DIPFIREWALL_VERBOSE_LIMIT=100
> #
> #If you want it to pass all packets by default
> #CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT
> #
>
> Guess what you should uncomment....
>
> --
> Bill Fumerola - Network Architect, BOFH / Chimes, Inc.
>                 billf@chimesnet.com / billf@FreeBSD.org
>



Glen M. Gross
Unix Technical Support Specialist
Symark Software
5716 Corsa Avenue, Suite 200
Westlake Village, CA  91362
http://www.symark.com
unix-support@symark.com
Main: 800-234-9072 or 818-865-6100
Main fax: 818-889-1894





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01C03F51.C66C48A0.ggross>