Date: Mon, 29 Jul 2013 17:04:40 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: Karl Pielorz <kpielorz_lst@tdx.co.uk> Cc: freebsd-hackers@freebsd.org Subject: Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT Message-ID: <20130729140440.GN4972@kib.kiev.ua> In-Reply-To: <AC5633093C6F6EB16C5C7DEF@Mail-PC.tdx.co.uk> References: <1D6BF13DFC536AFC94EC6D64@Mail-PC.tdx.co.uk> <51F64BCC.9000301@freebsd.org> <AC5633093C6F6EB16C5C7DEF@Mail-PC.tdx.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
--dzI2QqkSBOAresgT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 29, 2013 at 12:27:40PM +0100, Karl Pielorz wrote: >=20 >=20 > --On 29 July 2013 13:02 +0200 Stefan Esser <se@freebsd.org> wrote: >=20 > > I guess you were looking for: > > > > net.inet.ip.fw.default_to_accept=3D"1" > > > > which is a tunable to be set in /boot/loader.conf ... >=20 > Very probably - but that's at boot time :( - Is there nothing I can do at= =20 > kldload time to have the initial kldload give me a 'allow ip from any to= =20 > any' rule as it loads? (thus not affecting traffic on the machine, or mor= e=20 > importantly the CARP interfaces)? kenv net.inet.ip.fw.default_to_accept=3D1 should have the same effect after the usermode is booted. Kenv must be set before the module is loaded. --dzI2QqkSBOAresgT Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (FreeBSD) iQIcBAEBAgAGBQJR9nZ3AAoJEJDCuSvBvK1BVsgP/1cq8116/8Rqq4ZIFovVsLyf CxNw6mHAMwdiImaDIauokGXPnKMKaJmxMr9HEe8TKVNsiTqiiz9+IIhZZzhNHxpa 9cnxJHif2mLnJNBe/OEjcqR/nz2BVa/B3z/e0/2qulfdhn0CqSiA3w0SZa2Jseaj oojcbtwo5IDH78kM/DufuDnuvGHWcPyeL1BSNTai4nZaIeddgS2vmtpo7qubeKco 9uGM0LZ/W2APxYRf5pvzULDcbuOmx0bN60GBTGhdGU54paLRuPV6TFTBvG3FjVQG GuAurggqkRdQpDBqlINg64wmeIa5HgM4khqArqVD21u+1vDD9y1yPg5Mq8fK1dpd 2muJ0pC8abkUYxWeh93yhnHtbw5xwJ5IYub8+sDg3ORgvH1rKadvb/JAaqzhSHDx EB0FPzUwTdz3bhUhucVwTUFFTMekajX82FNjsRJu4KqpeUon5vWYvHubVJVaGTkf vhg+qbmoFXUOzMhfVI+Njg7T6IeeL/MKV9FgdH042Y4jKerSugo7J72pAt+JyqgA usQPQEdUR5vdpOQo4OiPb0Lg/oHpBcwcHwBGeoWCwvUk8j3TKe3lvrgIEKrU7Fxh XQadT3HvPQhgxz6JfR32HGeBCwNb0p+gg915CXEDVMZ8vlLxrQx0ZPFn1GhmSeKE BvHM/yrViI7xURpFTnI0 =kgPp -----END PGP SIGNATURE----- --dzI2QqkSBOAresgT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130729140440.GN4972>