enable IPFIREWALL_DEFAULT_TO_ACCEPT for GENERIC kernel
membrana
stopeme at gmail.com
Mon Jun 15 08:37:25 UTC 2009
subbsd wrote:
> Hello maillist,
>
> Whether there is a way for booting GENERIC kernel with
> ipfw_load="YES"
>
> and
>
> 65535 allow ip from any to any
>
> rules without recompile kernel with options IPFIREWALL_DEFAULT_TO_ACCEPT ?
>
> This is single options who force me customize my own kernel with freebsd-
> update.
>
> Thanks!
>
>
put ipfw_load="YES" in /boot/loader.conf - keep in mind default is deny
use firewall_enable="YES" and firewall_type="open" in /etc/rc.conf
Available values for firewall_type:
*
open -- pass all traffic.
*
client -- will protect only this machine.
*
simple -- protect the whole network.
*
closed -- entirely disables IP traffic except for the loopback
interface.
*
UNKNOWN -- disables the loading of firewall rules.
*
/filename/ -- absolute path of file containing firewall rules
More information about the freebsd-questions
mailing list