Date: Mon, 28 Jan 2002 22:17:24 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: "Thomas T. Veldhouse" <veldy@veldy.net> Cc: <andrew.cowan@hsd.com.au>, "Nate Williams" <nate@yogotech.com>, "Freebsd-Stable" <freebsd-stable@FreeBSD.ORG> Subject: Re: Proposed Solution To Recent "firewall_enable" Thread. [Please Read] Message-ID: <200201290617.g0T6HO036172@apollo.backplane.com> References: <NEBBJIKPNGEHLCBOLMDMMEBOFPAC.andrew.cowan@hsd.com.au> <001e01c1a873$bdf12f10$0101a8c0@cascade>
next in thread | previous in thread | raw e-mail | index | archive | help
Lets not make things even more confusing then they already are. The
answer to me is simple:
If firewall_enable is "NO" and ipfw is active, /etc/rc* should
simply add a rule to allow all traffic. Simple. Problem solved.
-Matt
:What would the expected functionality be for this?
:
:ipfw_enable=no
:ipfw_firewall_enable=yes
:
:And what would the expected funcationality be for this?
:
:ipfw_enable=yes
:ipfw_firewall_enable=no
:
:I would expect the former to not load the ipfw module, so what does the
:firewall enable option do?
:
:I would expect the latter to load the ipfw module and the latter to not run
:the firewall script. Seems to make sense, except what happens when you have
:IPFIREWALL built into the kernel?
:
:Tom Veldhouse
:veldy@veldy.net
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201290617.g0T6HO036172>