bad test in /etc/rc.d/ip6fw
Julian Elischer
julian at elischer.org
Tue Apr 3 07:07:19 UTC 2007
Sean McNeil wrote:
> Hi Henrique,
>
>> For Firewall in IPV6 enable in kernel
>>
>> options IPV6FIREWALL # Enable ipfirewall(4) for ipv6
>> options IPV6FIREWALL_VERBOSE # Enable log's in syslogd(4)
>> options IPV6FIREWALL_VERBOSE_LIMIT=100 # Set limite in syslogd in 100
>> registers
>> options IPV6FIREWALL_DEFAULT_TO_ACCEPT # Enable default Open Firewall
>>
>> And sorry my poor english :p
>
> No problem. You miss my point, however. I have none of these in my
> kernel config yet I have net.inet6.ip6.fw.enable defined. This prevents
> the /etc/rc.d/ip6fw script from kldload'ing the appropriate module. So
> either the code that creates the kernel parameter or the script needs to
> be changed so that they work in tandem.
my bad
fixing asap
the one in ipfw will be named differently.
>
>> Henrique Mattos
>>
>> 2007/4/2, Sean McNeil <sean at mcneil.com>:
>>> I just noticed that ip6fw isn't loading the ip6fw kernel module
>>> because my kernel somehow already has the sysctl value in it. This
>>> is FreeBSD -STABLE and I have the following in my kernel:
>>>
>>> options INET # InterNETworking
>>> options INET6 # IPv6 communications protocols
>>>
>>> options IPFIREWALL
>>> options IPFIREWALL_FORWARD
>>> options IPDIVERT
>>> options DUMMYNET
>>>
>>> net.inet6.ip6.fw.enable managed to get in the kernel.
>>>
>>> Cheers,
>>> Sean
>>> _______________________________________________
>>> freebsd-ipfw at freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>>>
>>
>>
>
> _______________________________________________
> freebsd-ipfw at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
More information about the freebsd-ipfw
mailing list